mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Util-linux | Linux | * | 2.19 (including) |
| Util-linux | Linux | 2.2 (including) | 2.2 (including) |
| Util-linux | Linux | 2.5 (including) | 2.5 (including) |
| Util-linux | Linux | 2.7 (including) | 2.7 (including) |
| Util-linux | Linux | 2.8 (including) | 2.8 (including) |
| Util-linux | Linux | 2.9 (including) | 2.9 (including) |
| Util-linux | Linux | 2.10 (including) | 2.10 (including) |
| Util-linux | Linux | 2.11 (including) | 2.11 (including) |
| Util-linux | Linux | 2.12 (including) | 2.12 (including) |
| Util-linux | Linux | 2.12-pre (including) | 2.12-pre (including) |
| Util-linux | Linux | 2.13 (including) | 2.13 (including) |
| Util-linux | Linux | 2.13-pre (including) | 2.13-pre (including) |
| Util-linux | Linux | 2.14 (including) | 2.14 (including) |
| Util-linux | Linux | 2.15 (including) | 2.15 (including) |
| Util-linux | Linux | 2.16 (including) | 2.16 (including) |
| Util-linux | Linux | 2.17 (including) | 2.17 (including) |
| Util-linux | Linux | 2.18 (including) | 2.18 (including) |
| Util-linux | Ubuntu | dapper | * |
| Util-linux | Ubuntu | hardy | * |
| Util-linux | Ubuntu | karmic | * |
| Util-linux | Ubuntu | lucid | * |
| Util-linux | Ubuntu | maverick | * |
| Util-linux | Ubuntu | natty | * |
| Util-linux | Ubuntu | oneiric | * |
| Util-linux | Ubuntu | quantal | * |
| Util-linux | Ubuntu | raring | * |
| Util-linux | Ubuntu | saucy | * |
| Util-linux | Ubuntu | upstream | * |
References
- http://openwall.com/lists/oss-security/2011/03/04/10
- http://openwall.com/lists/oss-security/2011/03/04/11
- http://openwall.com/lists/oss-security/2011/03/04/12
- http://openwall.com/lists/oss-security/2011/03/04/9
- http://openwall.com/lists/oss-security/2011/03/05/3
- http://openwall.com/lists/oss-security/2011/03/05/7
- http://openwall.com/lists/oss-security/2011/03/07/9
- http://openwall.com/lists/oss-security/2011/03/14/16
- http://openwall.com/lists/oss-security/2011/03/14/5
- http://openwall.com/lists/oss-security/2011/03/14/7
- http://openwall.com/lists/oss-security/2011/03/15/6
- http://openwall.com/lists/oss-security/2011/03/22/4
- http://openwall.com/lists/oss-security/2011/03/22/6
- http://openwall.com/lists/oss-security/2011/03/31/3
- http://openwall.com/lists/oss-security/2011/03/31/4
- http://openwall.com/lists/oss-security/2011/04/01/2
- https://bugzilla.redhat.com/show_bug.cgi?id=688980
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66704
- http://openwall.com/lists/oss-security/2011/03/04/10
- http://openwall.com/lists/oss-security/2011/03/04/11
- http://openwall.com/lists/oss-security/2011/03/04/12
- http://openwall.com/lists/oss-security/2011/03/04/9
- http://openwall.com/lists/oss-security/2011/03/05/3
- http://openwall.com/lists/oss-security/2011/03/05/7
- http://openwall.com/lists/oss-security/2011/03/07/9
- http://openwall.com/lists/oss-security/2011/03/14/16
- http://openwall.com/lists/oss-security/2011/03/14/5
- http://openwall.com/lists/oss-security/2011/03/14/7
- http://openwall.com/lists/oss-security/2011/03/15/6
- http://openwall.com/lists/oss-security/2011/03/22/4
- http://openwall.com/lists/oss-security/2011/03/22/6
- http://openwall.com/lists/oss-security/2011/03/31/3
- http://openwall.com/lists/oss-security/2011/03/31/4
- http://openwall.com/lists/oss-security/2011/04/01/2
- https://bugzilla.redhat.com/show_bug.cgi?id=688980
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66704