CVE-2011-1836
EPSS 0.05%
Description
utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process.
How to fix CVE-2011-1836
To remediate CVE-2011-1836, upgrade the affected package to a fixed version below.
- Debian/ecryptfs-utils—upgrade to 92-1 or later
Is CVE-2011-1836 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 92-1