CVE-2011-1749
EPSS 0.16%
Description
The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.
How to fix CVE-2011-1749
To remediate CVE-2011-1749, upgrade the affected package to a fixed version below.
- Debian/nfs-utils—upgrade to 1:1.2.3-3 or later
Is CVE-2011-1749 being exploited?
Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1:1.2.3-3