CVE-2011-1089

Severity: 32%

Complexity: 34%

Confidentiality: 81%

The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296.

CVSS 2.0 Base Score 3.3. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:P/I:P/A:N).

Overview

First reported: 2011-04-10 02:55:00

Last updated: 2016-12-07 18:15:00

Affected Software

GNU glibc 1.00
GNU glibc 1.01
GNU glibc 1.02
GNU glibc 1.03
GNU glibc 1.04
GNU glibc 1.05
GNU glibc 1.06
GNU glibc 1.07
GNU glibc 1.08
GNU glibc 1.09
GNU glibc 1.09.1
GNU glibc 2.0
GNU glibc 2.0.1
GNU glibc 2.0.2
GNU glibc 2.0.3
GNU glibc 2.0.4
GNU glibc 2.0.5
GNU glibc 2.0.6
GNU glibc 2.1
GNU glibc 2.1.1
GNU glibc 2.1.1.6
GNU glibc 2.1.2
GNU glibc 2.1.3
GNU glibc 2.1.3.10
GNU glibc 2.1.9
GNU glibc 2.2
GNU glibc 2.2.1
GNU glibc 2.2.2
GNU glibc 2.2.3
GNU glibc 2.2.4
GNU glibc 2.2.5
GNU glibc 2.3
GNU glibc 2.3.1
GNU glibc 2.3.2
GNU glibc 2.3.3
GNU glibc 2.3.4
GNU glibc 2.3.5
GNU glibc 2.3.6
GNU glibc 2.3.10
GNU glibc 2.4
GNU glibc 2.5
GNU glibc 2.5.1
GNU glibc 2.6
GNU glibc 2.6.1
GNU glibc 2.7
GNU glibc 2.8
GNU glibc 2.9
GNU glibc 2.10
GNU glibc 2.10.1
GNU glibc 2.10.2
GNU glibc 2.11
GNU glibc 2.11.1
GNU glibc 2.11.2
GNU glibc 2.11.3
GNU glibc 2.12.0
GNU glibc 2.12.1
GNU glibc 2.12.2

GNU glibc

References

[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

Mailing List, Third Party Advisory

http://sourceware.org/bugzilla/show_bug.cgi?id=12625

Issue Tracking

MDVSA-2011:178

Broken Link

MDVSA-2011:179

Broken Link

RHSA-2011:1526

Third Party Advisory

46740

Third Party Advisory, VDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=688980

Issue Tracking
