CVE 2012-3409
ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation
Related bugs and status
CVE-2012-3409 (Candidate) is related to these bugs:
Bug #329264: getpwuid fails silently when run as root inside of mlockall()
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 329264 | getpwuid fails silently when run as root inside of mlockall() | glibc (Ubuntu) | Undecided | Invalid | ||
| 329264 | getpwuid fails silently when run as root inside of mlockall() | ecryptfs-utils (Ubuntu) | Low | Fix Released | ||
| 329264 | getpwuid fails silently when run as root inside of mlockall() | linux (Ubuntu) | High | Fix Released | ||
Bug #732614: pam_ecryptfs doesn't drop gid when using user's files
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 732614 | pam_ecryptfs doesn't drop gid when using user's files | eCryptfs | High | Fix Released | ||
| 732614 | pam_ecryptfs doesn't drop gid when using user's files | ecryptfs-utils (Ubuntu) | High | Fix Released | ||
Bug #936093: Access-Your-Private-Data.desktop is not executable
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 936093 | Access-Your-Private-Data.desktop is not executable | ecryptfs-utils (Ubuntu) | Low | Fix Released | ||
Bug #1147348: Capabilities stored but not usable
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1147348 | Capabilities stored but not usable | eCryptfs | Undecided | Invalid | ||
See the 
CVE page on Mitre.org
for more details.
