Description
It was found that mount.ecryptfs_private did not handle certain errors
correctly when updating the mtab (mounted file systems table) file,
allowing a local attacker to corrupt the mtab file and possibly unmount an
arbitrary file system. (CVE-2011-1834)
An insecure temporary file use flaw was found in the ecryptfs-setup-private
script. A local attacker could use this script to insert their own key that
will subsequently be used by a new user, possibly giving the attacker
access to the user's encrypted data if existing file permissions allow
access. (CVE-2011-1835)
A race condition flaw in mount.ecryptfs_private could allow a local
attacker to overwrite arbitrary files. (CVE-2011-1837)
A race condition flaw in the way temporary files were accessed in
mount.ecryptfs_private could allow a malicious, local user to make
arbitrary modifications to the mtab file. (CVE-2011-3145)
A race condition flaw was found in the way mount.ecryptfs_private checked
the permissions of the directory to mount. A local attacker could use this
flaw to mount (and then access) a directory they would otherwise not have
access to.