CVE-2011-1676

util-linux <2.19 - Local Info Disclosure

Title source: llm

Description

mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations.

References (18)

[Exploit] http://openwall.com/lists/oss-security/2011/03/31/3

[Exploit] https://bugzilla.redhat.com/show_bug.cgi?id=688980

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/66704

[Mailing List] http://openwall.com/lists/oss-security/2011/03/04/10

[Mailing List] http://openwall.com/lists/oss-security/2011/03/04/11

[Mailing List] http://openwall.com/lists/oss-security/2011/03/04/12

[Mailing List] http://openwall.com/lists/oss-security/2011/03/04/9

[Mailing List] http://openwall.com/lists/oss-security/2011/03/05/3

[Mailing List] http://openwall.com/lists/oss-security/2011/03/05/7

[Mailing List] http://openwall.com/lists/oss-security/2011/03/07/9

[Mailing List] http://openwall.com/lists/oss-security/2011/03/14/16

[Mailing List] http://openwall.com/lists/oss-security/2011/03/14/5

[Mailing List] http://openwall.com/lists/oss-security/2011/03/14/7

[Mailing List] http://openwall.com/lists/oss-security/2011/03/15/6

[Mailing List] http://openwall.com/lists/oss-security/2011/03/22/4

[Mailing List] http://openwall.com/lists/oss-security/2011/03/22/6

[Mailing List] http://openwall.com/lists/oss-security/2011/03/31/4

[Mailing List] http://openwall.com/lists/oss-security/2011/04/01/2

Scores

EPSS 0.0010

EPSS Percentile 26.6%

Classification

CWE

CWE-264

Status draft

Affected Products (17)

linux/util-linux < 2.19

linux/util-linux

... and 2 more

Timeline

Published Apr 10, 2011

Tracked Since Feb 18, 2026