关键漏洞信息 ID: Bug 841940 (CVE-2012-3409, CVE-2012-3409) 标题: ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev leading to possible privilege escalation 状态: CLOSED ERRATA 产品: Security Response 组件: vulnerability 操作系统: Linux 优先级: medium 严重性: medium 报告人: Vincent Danen 报告时间: 2012-07-20 15:25 UTC 关闭时间: 2012-07-24 04:54:33 UTC 漏洞描述 描述: The private ecryptfs mount helper (/sbin/mount.ecryptfs_private), which is setuid-root, could allow an unprivileged local user to mount user-controlled ecryptfs shares on the local system. Because the ecryptfs helper does not mount filesystems with the "nosuid" and "nodev" flags, it would be possible for a user to mount a filesystem containing setuid-root binaries and/or device files that could lead to the escalation of their privileges. This could be done via a USB device, if the user had physical access to the system. 影响版本: May only affect version 86 and later. 修复措施: Forcing MS_NOSUID and MS_NODEV mount flags was added to version 99. 修复信息 Red Hat Enterprise Linux 5 和 6: 不受影响。 Fedora 17: ecryptfs-utils-99-1.fc17 已推送到稳定仓库。 Fedora 16: ecryptfs-utils-99-1.fc16 已推送到稳定仓库。