This bug was fixed in the package ecryptfs-utils - 109-0ubuntu1
---------------
ecryptfs-utils (109-0ubuntu1) xenial; urgency=medium

  [ Maikel ]
  * doc/manpage/ecryptfs-migrate-home.8: Fix typos in man page (LP: #1518787)

  [ Kylie McClain ]
  * src/utils/mount.ecryptfs.c, src/utils/mount.ecryptfs_private.c: Fix build
    issues on musl libc (LP: #1514625)

  [ Colin Ian King ]
  * src/daemon/main.c:
    - Static analysis with Clang's scan-build shows that we can potentially
      overflow the input buffer if the input is equal to or more than the
      buffer size. Need to guard against this by:
      1. Only reading in input_size - 1 chars
      2. Checking earlier on to see if input_size is valid to ensure that we
         read in at least 1 char

  [ Tyler Hicks ]
  * src/utils/mount.ecryptfs_private.c:
    - Refuse to mount over non-standard filesystems. Mounting over
      certain types of filesystems is a red flag that the user is doing
      something devious, such as mounting over the /proc/self symlink
      target with malicious content in order to confuse programs that may
      attempt to parse those files. (LP: #1530566)

  [ Dustin Kirkland ]
  * xenial

 -- Dustin Kirkland <[email protected]> Fri, 22 Jan 2016 10:05:35 -0600

** Changed in: ecryptfs-utils (Ubuntu Xenial)
Status: Triaged => Fix Released
https://bugs.launchpad.net/bugs/1530566
Title:
privilege escalation by mounting over /proc/$pid
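The "refuse to mount over non-standard filesystems" check from the changelog above, as an added example (not the ecryptfs-utils code): it queries the target's filesystem type with statfs(2) and fails closed unless the type is on an allowlist. The function names and the allowlist contents are assumptions made for illustration; the magic numbers are the values defined in `<linux/magic.h>`.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/vfs.h>   /* statfs(2), Linux */

/* Filesystem magic numbers as defined in <linux/magic.h>. Which types
 * to allow is an assumption made for this example. */
static const unsigned long allowed_magic[] = {
    0xEF53UL,      /* ext2/ext3/ext4 */
    0x9123683EUL,  /* btrfs */
    0x58465342UL,  /* xfs */
    0xF15FUL,      /* ecryptfs */
};
#define EX_PROC_SUPER_MAGIC 0x9fa0UL  /* procfs: deliberately not listed */

/* Pure allowlist test: anything not explicitly listed is refused. */
bool fs_magic_allowed(unsigned long magic)
{
    size_t n = sizeof(allowed_magic) / sizeof(allowed_magic[0]);
    for (size_t i = 0; i < n; i++)
        if (allowed_magic[i] == magic)
            return true;
    return false;
}

/* Returns 0 if a mount over `path` may proceed, -1 otherwise.
 * Fails closed: if statfs() itself fails, the mount is refused. */
int check_mount_target(const char *path)
{
    struct statfs st;

    if (path == NULL || statfs(path, &st) != 0)
        return -1;
    if (!fs_magic_allowed((unsigned long)st.f_type)) {
        fprintf(stderr, "refusing to mount over %s (f_type 0x%lx)\n",
                path, (unsigned long)st.f_type);
        return -1;
    }
    return 0;
}

int main(int argc, char **argv)
{
    /* Default target is the path named in the changelog entry. */
    const char *target = argc > 1 ? argv[1] : "/proc/self";
    return check_mount_target(target) == 0 ? 0 : 1;
}
```

An allowlist is used rather than a denylist so that pseudo-filesystems added to the kernel later are refused by default.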