汇总 ecryptfs 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
历史漏洞主要涉及 输入验证问题与拒绝服务 等问题,部分漏洞可能导致 异常行为,并影响 生产负载与软件部署 相关场景。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2012-3409 | ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation | [email protected] | 7.8 | 0.41% | 2019-12-20 | 2024-11-21 |
| CVE-2016-6224 | ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive information via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8946. | [email protected] | 3.3 | 0.38% | 2016-07-22 | 2026-05-06 |
| CVE-2015-8946 | ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors. | [email protected] | 3.3 | 0.35% | 2016-07-22 | 2026-05-06 |
| CVE-2016-1572 | mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid. | [email protected] | 8.4 | 0.37% | 2016-01-22 | 2026-05-06 |
| CVE-2014-9687 | eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack. | [email protected] | 5.0 | 2.18% | 2015-03-16 | 2026-05-06 |
| CVE-2011-1837 | The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors. | [email protected] | 3.6 | 0.38% | 2014-02-15 | 2026-04-29 |
| CVE-2011-1836 | utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process. | [email protected] | 4.6 | 0.38% | 2014-02-15 | 2026-04-29 |
| CVE-2011-1835 | The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps. | [email protected] | 4.4 | 0.35% | 2014-02-15 | 2026-04-29 |
| CVE-2011-1834 | utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount system call. | [email protected] | 2.1 | 0.38% | 2014-02-15 | 2026-04-29 |
| CVE-2011-1832 | utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call. | [email protected] | 2.1 | 0.38% | 2014-02-15 | 2026-04-29 |
| CVE-2011-1831 | utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call. | [email protected] | 4.6 | 0.37% | 2014-02-15 | 2026-04-29 |
| CVE-2008-5188 | The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and (3) ecryptfs-setup-pam-wrapped.sh scripts in ecryptfs-utils 45 through 61 in eCryptfs place cleartext passwords on command lines, which allows local users to obtain sensitive information by listing the process. | [email protected] | 7.2 | 0.39% | 2008-11-21 | 2026-04-23 |