CVE-2011-1675

mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

Published: 2011-04-10 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2011-1675 is rated Low Risk (24.7/100): CVSS Low severity, with low exploitation likelihood (EPSS 0.40%). Monitor for updates and reassess as exploit intelligence or EPSS changes.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2011-1675

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.03% 0.40% +0.37%
2 2025-05-20 0.07% 0.03% -0.03%
3 2025-03-17 0.07%

Full EPSS history (5 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2011-1675

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
3.3 2.0 LOW
AV:L/AC:M/Au:N/C:P/I:P/A:N Click to expand
Access vector (AV:L)
Requires local access to the target system.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:N)
No availability impact.
 3.4 4.9 [email protected]

Weakness enumeration for CVE-2011-1675

OS Trackers for CVE-2011-1675

vendor priority summary link
debian low CVE-2011-1675 low priority: Debian including 1 source packages (util-linux), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. https://security-tracker.debian.org/tracker/CVE-2011-1675
gentoo normal CVE-2011-1675: 1 GLSA(s) (201405-15), 1 atom(s) (sys-apps/util-linux); latest impact normal. https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2011-1675
redhat low https://access.redhat.com/security/cve/CVE-2011-1675
ubuntu low CVE-2011-1675 low priority: Ubuntu including 1 source packages (util-linux), 15 status rows across 15 suites (dapper, hardy, karmic, lucid, maverick, natty, oneiric, precise, quantal, raring, saucy, trusty, upstream, utopic, vivid): ignored 10, not-affected 4, released 1. https://ubuntu.com/security/CVE-2011-1675

Affected software / configurations for CVE-2011-1675

Vendor Product Version Raw CPE
linux util-linux <= 2.19 cpe:2.3:a:linux:util-linux:*:*:*:*:*:*:*:*
linux util-linux 2.2 cpe:2.3:a:linux:util-linux:2.2:*:*:*:*:*:*:*
linux util-linux 2.5 cpe:2.3:a:linux:util-linux:2.5:*:*:*:*:*:*:*
linux util-linux 2.7 cpe:2.3:a:linux:util-linux:2.7:*:*:*:*:*:*:*
linux util-linux 2.8 cpe:2.3:a:linux:util-linux:2.8:*:*:*:*:*:*:*
linux util-linux 2.9 cpe:2.3:a:linux:util-linux:2.9:*:*:*:*:*:*:*
linux util-linux 2.10 cpe:2.3:a:linux:util-linux:2.10:*:*:*:*:*:*:*
linux util-linux 2.11 cpe:2.3:a:linux:util-linux:2.11:*:*:*:*:*:*:*
linux util-linux 2.12 cpe:2.3:a:linux:util-linux:2.12:*:*:*:*:*:*:*
linux util-linux 2.12 cpe:2.3:a:linux:util-linux:2.12:pre:*:*:*:*:*:*
linux util-linux 2.13 cpe:2.3:a:linux:util-linux:2.13:*:*:*:*:*:*:*
linux util-linux 2.13 cpe:2.3:a:linux:util-linux:2.13:pre:*:*:*:*:*:*
linux util-linux 2.14 cpe:2.3:a:linux:util-linux:2.14:*:*:*:*:*:*:*
linux util-linux 2.15 cpe:2.3:a:linux:util-linux:2.15:*:*:*:*:*:*:*
linux util-linux 2.16 cpe:2.3:a:linux:util-linux:2.16:*:*:*:*:*:*:*
linux util-linux 2.17 cpe:2.3:a:linux:util-linux:2.17:*:*:*:*:*:*:*
linux util-linux 2.18 cpe:2.3:a:linux:util-linux:2.18:*:*:*:*:*:*:*

References for CVE-2011-1675

URL Tags
http://openwall.com/lists/oss-security/2011/03/04/10 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/04/11 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/04/12 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/04/9 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/05/3 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/05/7 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/07/9 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/14/16 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/14/5 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/14/7 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/15/6 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/22/4 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/22/6 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/31/3 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/03/31/4 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2011/04/01/2 Mailing List Third Party Advisory
http://secunia.com/advisories/48114
http://www.redhat.com/support/errata/RHSA-2011-1691.html Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=688980 Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/66705
cvelogic Threat Intelligence