CVE-2010-2961

mountall <2.15.2 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-2961. PoCs published by fuzz.

AI-analyzed exploit summary This exploit leverages a udev rule injection vulnerability (CVE-2010-2961) to execute arbitrary code with root privileges. It creates a malicious udev rule that triggers a shell script to set the SUID bit on a compiled binary containing shellcode, leading to local privilege escalation.

Description

mountall.c in mountall before 2.15.2 uses 0666 permissions for the root.rules file, which allows local users to gain privileges by modifying this file.

Exploits (1)

exploitdb WORKING POC VERIFIED
by fuzz · bashlocallinux
https://www.exploit-db.com/exploits/15074

This exploit leverages a udev rule injection vulnerability (CVE-2010-2961) to execute arbitrary code with root privileges. It creates a malicious udev rule that triggers a shell script to set the SUID bit on a compiled binary containing shellcode, leading to local privilege escalation.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: udev (Ubuntu 10.04, 10.10)
Auth required
Prerequisites: Local access to the target system · Ability to write to /dev/.udev/rules.d/ · Triggering a udev event
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/2342
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/67914
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-985-1
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/41351

Scores

EPSS 0.0048
EPSS Percentile 37.8%

Details

CWE
CWE-362
Status published
Products (2)
scott_james_remnant/mountall 1.0
scott_james_remnant/mountall < 2.14
Published Sep 14, 2010
Tracked Since Feb 18, 2026