Arch Linux Security Advisory ASA-201601-25 ========================================== Severity: Critical Date : 2016-01-25 CVE-ID : CVE-2016-1572 Package : ecryptfs-utils Type : privilege escalation Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package ecryptfs-utils before version 108-2 is vulnerable to privilege escalation. Resolution ========== Upgrade to 108-2. # pacman -Syu "ecryptfs-utils>=108-2" The problem has been fixed upstream and the patch has been applied. Workaround ========== None. Description =========== An unprivileged user can mount an ecryptfs over /proc/$pid because according to stat(), it is a normal directory and owned by the user. However, the user is not actually permitted to create arbitrary directory entries in /proc/$pid, and ecryptfs' behavior might be enabling privilege escalation attacks with the help of other programs that use procfs. Impact ====== A remote attacker is able to elevate the privileges and gain unauthorized root access. References ========== https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1572 https://bugs.launchpad.net/ecryptfs/+bug/1530566 https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/870