CVE-2013-0157
EPSS 0.06%
Description
(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line option or (2) attempting to mount a non-existent device, which generates different error messages depending on whether the directory exists.
How to fix CVE-2013-0157
To remediate CVE-2013-0157, upgrade the affected package to a fixed version below.
- Debian/util-linux—upgrade to 2.20.1-5.5 or later
Is CVE-2013-0157 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2.20.1-5.5