openSUSE Security Update : ecryptfs-utils (openSUSE-SU-2011:0902-1)
Medium Nessus Plugin ID 75473
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update of ecryptfs-utils fixes several security problems :
- CVE-2011-1831 - Race condition when checking mountpoint during mount.
- CVE-2011-1832 - Race condition when checking mountpoint during unmount.
- CVE-2011-1833 - Race condition when checking source during mount.
- CVE-2011-1834 - Improper mtab handling allowing corruption due to resource limits, signals, etc.
- CVE-2011-1835 - Key poisoning in ecryptfs-setup-private due to insecure temp directory.
- CVE-2011-1837 - Predictable lock counter name and associated races.
SolutionUpdate the affected ecryptfs-utils packages.