{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware ESX version 4.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCO version 4.0.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCenter version 5.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCOps version 1.0.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi version 3.5 ;",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Update Manager version 5.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Update Manager version 4.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCO version 4.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi version 4.1 ;",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCenter version 4.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCenter version 4.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCOps version 5.0.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi version 4.0 ;",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware VirtualCenter version 2.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Update Manager version 4.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi version 5.0 ;",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX version 4.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX version 3.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1833"
    },
    {
      "name": "CVE-2012-0050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0050"
    },
    {
      "name": "CVE-2011-4132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4132"
    },
    {
      "name": "CVE-2011-4609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4609"
    },
    {
      "name": "CVE-2012-0207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0207"
    },
    {
      "name": "CVE-2011-5057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-5057"
    },
    {
      "name": "CVE-2010-4252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4252"
    },
    {
      "name": "CVE-2011-4619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4619"
    },
    {
      "name": "CVE-2012-2110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2110"
    },
    {
      "name": "CVE-2011-4576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4576"
    },
    {
      "name": "CVE-2011-2496",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2496"
    },
    {
      "name": "CVE-2009-5064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-5064"
    },
    {
      "name": "CVE-2011-4577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4577"
    },
    {
      "name": "CVE-2009-5029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-5029"
    },
    {
      "name": "CVE-2012-1569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1569"
    },
    {
      "name": "CVE-2011-4324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4324"
    },
    {
      "name": "CVE-2011-4110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4110"
    },
    {
      "name": "CVE-2011-4108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4108"
    },
    {
      "name": "CVE-2012-1583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1583"
    },
    {
      "name": "CVE-2010-2761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2761"
    },
    {
      "name": "CVE-2012-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0060"
    },
    {
      "name": "CVE-2012-0391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0391"
    },
    {
      "name": "CVE-2011-4325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4325"
    },
    {
      "name": "CVE-2010-0830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0830"
    },
    {
      "name": "CVE-2012-0061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0061"
    },
    {
      "name": "CVE-2010-4180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4180"
    },
    {
      "name": "CVE-2012-0864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0864"
    },
    {
      "name": "CVE-2011-3209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3209"
    },
    {
      "name": "CVE-2010-4410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4410"
    },
    {
      "name": "CVE-2012-0392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0392"
    },
    {
      "name": "CVE-2012-0394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0394"
    },
    {
      "name": "CVE-2012-0815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0815"
    },
    {
      "name": "CVE-2011-3188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3188"
    },
    {
      "name": "CVE-2011-1020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1020"
    },
    {
      "name": "CVE-2011-4109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4109"
    },
    {
      "name": "CVE-2012-1573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1573"
    },
    {
      "name": "CVE-2011-4128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4128"
    },
    {
      "name": "CVE-2012-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0841"
    },
    {
      "name": "CVE-2011-2484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2484"
    },
    {
      "name": "CVE-2012-0393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0393"
    },
    {
      "name": "CVE-2011-3597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3597"
    },
    {
      "name": "CVE-2011-3363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3363"
    },
    {
      "name": "CVE-2011-2699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2699"
    },
    {
      "name": "CVE-2011-0014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0014"
    },
    {
      "name": "CVE-2011-1089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1089"
    }
  ],
  "links": [],
  "reference": "CERTA-2012-AVI-479",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-09-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eVMware\u003c/span\u003e. Elles concernent les \u00e9l\u00e9ments d\u0027\u00e9diteurs\ntiers impl\u00e9ment\u00e9s dans les solutions. Les \u00e9l\u00e9ments suivants ont \u00e9t\u00e9s mis\n\u00e0 jour :\n\n-   Java Runtime Environment (JRE) ;\n-   OpenSSL ;\n-   le noyau ;\n-   Perl ;\n-   libxml2 ;\n-   glibc ;\n-   GnuTLS ;\n-   popt et rpm ;\n-   Apache struts.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2012-0013 du 30 ao\u00fbt 2012",
      "url": "http://www.vmware.com/security/advisories/VMSA-2012-0013.html"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware ESX version 4.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCO version 4.0.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCenter version 5.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCOps version 1.0.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi version 3.5 ;",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Update Manager version 5.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Update Manager version 4.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCO version 4.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi version 4.1 ;",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCenter version 4.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCenter version 4.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware vCOps version 5.0.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi version 4.0 ;",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware VirtualCenter version 2.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Update Manager version 4.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi version 5.0 ;",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX version 4.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX version 3.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1833"
    },
    {
      "name": "CVE-2012-0050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0050"
    },
    {
      "name": "CVE-2011-4132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4132"
    },
    {
      "name": "CVE-2011-4609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4609"
    },
    {
      "name": "CVE-2012-0207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0207"
    },
    {
      "name": "CVE-2011-5057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-5057"
    },
    {
      "name": "CVE-2010-4252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4252"
    },
    {
      "name": "CVE-2011-4619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4619"
    },
    {
      "name": "CVE-2012-2110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2110"
    },
    {
      "name": "CVE-2011-4576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4576"
    },
    {
      "name": "CVE-2011-2496",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2496"
    },
    {
      "name": "CVE-2009-5064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-5064"
    },
    {
      "name": "CVE-2011-4577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4577"
    },
    {
      "name": "CVE-2009-5029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-5029"
    },
    {
      "name": "CVE-2012-1569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1569"
    },
    {
      "name": "CVE-2011-4324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4324"
    },
    {
      "name": "CVE-2011-4110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4110"
    },
    {
      "name": "CVE-2011-4108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4108"
    },
    {
      "name": "CVE-2012-1583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1583"
    },
    {
      "name": "CVE-2010-2761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2761"
    },
    {
      "name": "CVE-2012-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0060"
    },
    {
      "name": "CVE-2012-0391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0391"
    },
    {
      "name": "CVE-2011-4325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4325"
    },
    {
      "name": "CVE-2010-0830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0830"
    },
    {
      "name": "CVE-2012-0061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0061"
    },
    {
      "name": "CVE-2010-4180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4180"
    },
    {
      "name": "CVE-2012-0864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0864"
    },
    {
      "name": "CVE-2011-3209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3209"
    },
    {
      "name": "CVE-2010-4410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4410"
    },
    {
      "name": "CVE-2012-0392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0392"
    },
    {
      "name": "CVE-2012-0394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0394"
    },
    {
      "name": "CVE-2012-0815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0815"
    },
    {
      "name": "CVE-2011-3188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3188"
    },
    {
      "name": "CVE-2011-1020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1020"
    },
    {
      "name": "CVE-2011-4109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4109"
    },
    {
      "name": "CVE-2012-1573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1573"
    },
    {
      "name": "CVE-2011-4128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4128"
    },
    {
      "name": "CVE-2012-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0841"
    },
    {
      "name": "CVE-2011-2484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2484"
    },
    {
      "name": "CVE-2012-0393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0393"
    },
    {
      "name": "CVE-2011-3597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3597"
    },
    {
      "name": "CVE-2011-3363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3363"
    },
    {
      "name": "CVE-2011-2699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2699"
    },
    {
      "name": "CVE-2011-0014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0014"
    },
    {
      "name": "CVE-2011-1089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1089"
    }
  ],
  "links": [],
  "reference": "CERTA-2012-AVI-479",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-09-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eVMware\u003c/span\u003e. Elles concernent les \u00e9l\u00e9ments d\u0027\u00e9diteurs\ntiers impl\u00e9ment\u00e9s dans les solutions. Les \u00e9l\u00e9ments suivants ont \u00e9t\u00e9s mis\n\u00e0 jour :\n\n-   Java Runtime Environment (JRE) ;\n-   OpenSSL ;\n-   le noyau ;\n-   Perl ;\n-   libxml2 ;\n-   glibc ;\n-   GnuTLS ;\n-   popt et rpm ;\n-   Apache struts.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2012-0013 du 30 ao\u00fbt 2012",
      "url": "http://www.vmware.com/security/advisories/VMSA-2012-0013.html"
    }
  ]
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D31AE8D-EEA4-4B31-A35A-565A7647B305",
              "versionEndIncluding": "3.0.44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D30AEC07-3CBD-4F4F-9646-BEAA1D98750B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "C2AA8E68-691B-499C-AEDD-3C0BFFE70044",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "9440475B-5960-4066-A204-F30AAFC87846",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "53BCFBFB-6AF0-4525-8623-7633CC5E17DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "6ED4E86A-74F0-436A-BEB4-3F4EE93A5421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "BF0365B0-8E16-4F30-BD92-5DD538CC8135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*",
              "matchCriteriaId": "079505E8-2942-4C33-93D1-35ADA4C39E72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "38989541-2360-4E0A-AE5A-3D6144AA6114",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E51646B-7A0E-40F3-B8C9-239C1DA81DD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "42A8A507-F8E2-491C-A144-B2448A1DB26E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "901FC6F3-2C2A-4112-AE27-AB102BBE8DEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "203AD334-DB9F-41B0-A4D1-A6C158EF8C40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3611753-E440-410F-8250-600C996A4B8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9739BB47-EEAF-42F1-A557-2AE2EA9526A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A95E3BB-0AFC-4C2E-B9BE-C975E902A266",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "482A6C9A-9B8E-4D1C-917A-F16370745E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6D87357-63E0-41D0-9F02-1BCBF9A77E63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "3765A2D6-2D78-4FB1-989E-D5106BFA3F5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F54257DB-7023-43C4-AC4D-9590B815CD92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "61FF5FCD-A4A1-4803-AC53-320A4C838AF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F096553-064F-46A2-877B-F32F163A0F49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0D762D1-E3AD-40EA-8D39-83EEB51B5E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6187D19-7148-4B87-AD7E-244FF9EE0FA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "99AC64C2-E391-485C-9CD7-BA09C8FA5E63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CDA5E95-7805-441B-BEF7-4448EA45E964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "51561053-6C28-4F38-BC9B-3F7A7508EB72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "118F4A5B-C498-4FC3-BE28-50D18EBE4F22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD38EBE6-FE1A-4B55-9FB5-07952253B7A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A491E47-82AD-4055-9444-2EC0D6715326",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C5FD16-23B6-467F-9438-5B554922F974",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C67235F-5B51-4BF7-89EC-4810F720246F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "08405DEF-05F4-45F0-AC95-DBF914A36D93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A7B9C4B-4A41-4175-9F07-191C1EE98C1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "B306E0A8-4D4A-4895-8128-A500D30A7E0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "295C839A-F34E-4853-A926-55EABC639412",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AFD5F49-7EF9-4CFE-95BD-8FD19B500B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "00B3DDDD-B2F6-4753-BA38-65A24017857D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "33FCD39E-F4BF-432D-9CF9-F195CF5844F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7308690-CB0D-4758-B80F-D2ADCD2A9D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "313A470B-8A2B-478A-82B5-B27D2718331C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "83FF021E-07E3-41CC-AAE8-D99D7FF24B9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "F72412E3-8DA9-4CC9-A426-B534202ADBA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCAA9D7A-3C3E-4C0B-9D38-EA80E68C2E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A9E3AE5-3FCF-4CBB-A30B-082BCFBFB0CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF715657-4C3A-4392-B85D-1BBF4DE45D89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B63C618-AC3D-4EF7-AFDF-27B9BF482B78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33DA5A9-5E40-4365-9602-82FB4DCD15B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFAFDB74-40BD-46FA-89AC-617EB2C7160B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF5F17DA-30A7-40CF-BD7C-CEDF06D64617",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "71A276F5-BD9D-4C1B-90DF-9B0C15B6F7DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid."
    },
    {
      "lang": "es",
      "value": "Condici\u00f3n de carrera en la funci\u00f3n ecryptfs_mount en fs/ecryptfs/main.c en el subsistema eCryptfs en el Kernel de Linux anteriores a v3.1 permite a usuarios locales evitar los permisos de ficheros impuestos a trav\u00e9s de montar una unidad con mount.ecryptfs_private con un uid que no coincide."
    }
  ],
  "id": "CVE-2011-1833",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 3.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-10-03T11:02:55.940",
  "references": [
    {
      "source": "security@ubuntu.com",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=764355487ea220fdc2faf128d577d7f679b91f97"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.ubuntu.com/usn/USN-1188-1"
    },
    {
      "source": "security@ubuntu.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=731172"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://github.com/torvalds/linux/commit/764355487ea220fdc2faf128d577d7f679b91f97"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=764355487ea220fdc2faf128d577d7f679b91f97"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1188-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=731172"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://github.com/torvalds/linux/commit/764355487ea220fdc2faf128d577d7f679b91f97"
    }
  ],
  "sourceIdentifier": "security@ubuntu.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        },
        {
          "lang": "en",
          "value": "CWE-362"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "affected": [],
  "aliases": [
    "CVE-2011-1833"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-10-03T11:02:00Z",
    "severity": "LOW"
  },
  "details": "Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.",
  "id": "GHSA-6h3p-7rvv-c5j9",
  "modified": "2025-04-11T04:03:20Z",
  "published": "2022-05-17T04:50:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1833"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/764355487ea220fdc2faf128d577d7f679b91f97"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=731172"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=764355487ea220fdc2faf128d577d7f679b91f97"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=764355487ea220fdc2faf128d577d7f679b91f97"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html"
    },
    {
      "type": "WEB",
      "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1188-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

{
  "GSD": {
    "alias": "CVE-2011-1833",
    "description": "Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.",
    "id": "GSD-2011-1833",
    "references": [
      "https://www.suse.com/security/cve/CVE-2011-1833.html",
      "https://www.debian.org/security/2012/dsa-2443",
      "https://access.redhat.com/errata/RHSA-2011:1386",
      "https://access.redhat.com/errata/RHSA-2011:1350",
      "https://alas.aws.amazon.com/cve/html/CVE-2011-1833.html",
      "https://linux.oracle.com/cve/CVE-2011-1833.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-1833"
      ],
      "details": "Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.",
      "id": "GSD-2011-1833",
      "modified": "2023-12-13T01:19:08.464135Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@ubuntu.com",
        "ID": "CVE-2011-1833",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/torvalds/linux/commit/764355487ea220fdc2faf128d577d7f679b91f97",
            "refsource": "CONFIRM",
            "url": "https://github.com/torvalds/linux/commit/764355487ea220fdc2faf128d577d7f679b91f97"
          },
          {
            "name": "SUSE-SU-2011:0898",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html"
          },
          {
            "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=764355487ea220fdc2faf128d577d7f679b91f97",
            "refsource": "CONFIRM",
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=764355487ea220fdc2faf128d577d7f679b91f97"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=731172",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=731172"
          },
          {
            "name": "USN-1188-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1188-1"
          },
          {
            "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1",
            "refsource": "CONFIRM",
            "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.0.44",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@ubuntu.com",
          "ID": "CVE-2011-1833"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                },
                {
                  "lang": "en",
                  "value": "CWE-362"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=731172",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=731172"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/764355487ea220fdc2faf128d577d7f679b91f97",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Patch"
              ],
              "url": "https://github.com/torvalds/linux/commit/764355487ea220fdc2faf128d577d7f679b91f97"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=764355487ea220fdc2faf128d577d7f679b91f97",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=764355487ea220fdc2faf128d577d7f679b91f97"
            },
            {
              "name": "USN-1188-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-1188-1"
            },
            {
              "name": "SUSE-SU-2011:0898",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2014-03-08T04:47Z",
      "publishedDate": "2012-10-03T11:02Z"
    }
  }
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "ecryptfs-utils-108-2.5 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the ecryptfs-utils-108-2.5 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-10118",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10118-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-1831 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-1831/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-1832 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-1832/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-1833 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-1833/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-1834 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-1834/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-1835 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-1835/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-1836 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-1836/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-1837 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-1837/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-9687 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-9687/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-1572 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-1572/"
      }
    ],
    "title": "ecryptfs-utils-108-2.5 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:10118-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ecryptfs-utils-108-2.5.aarch64",
                "product": {
                  "name": "ecryptfs-utils-108-2.5.aarch64",
                  "product_id": "ecryptfs-utils-108-2.5.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ecryptfs-utils-32bit-108-2.5.aarch64",
                "product": {
                  "name": "ecryptfs-utils-32bit-108-2.5.aarch64",
                  "product_id": "ecryptfs-utils-32bit-108-2.5.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ecryptfs-utils-devel-108-2.5.aarch64",
                "product": {
                  "name": "ecryptfs-utils-devel-108-2.5.aarch64",
                  "product_id": "ecryptfs-utils-devel-108-2.5.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ecryptfs-utils-devel-32bit-108-2.5.aarch64",
                "product": {
                  "name": "ecryptfs-utils-devel-32bit-108-2.5.aarch64",
                  "product_id": "ecryptfs-utils-devel-32bit-108-2.5.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libecryptfs1-108-2.5.aarch64",
                "product": {
                  "name": "libecryptfs1-108-2.5.aarch64",
                  "product_id": "libecryptfs1-108-2.5.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libecryptfs1-32bit-108-2.5.aarch64",
                "product": {
                  "name": "libecryptfs1-32bit-108-2.5.aarch64",
                  "product_id": "libecryptfs1-32bit-108-2.5.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ecryptfs-utils-108-2.5.ppc64le",
                "product": {
                  "name": "ecryptfs-utils-108-2.5.ppc64le",
                  "product_id": "ecryptfs-utils-108-2.5.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ecryptfs-utils-32bit-108-2.5.ppc64le",
                "product": {
                  "name": "ecryptfs-utils-32bit-108-2.5.ppc64le",
                  "product_id": "ecryptfs-utils-32bit-108-2.5.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ecryptfs-utils-devel-108-2.5.ppc64le",
                "product": {
                  "name": "ecryptfs-utils-devel-108-2.5.ppc64le",
                  "product_id": "ecryptfs-utils-devel-108-2.5.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
                "product": {
                  "name": "ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
                  "product_id": "ecryptfs-utils-devel-32bit-108-2.5.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libecryptfs1-108-2.5.ppc64le",
                "product": {
                  "name": "libecryptfs1-108-2.5.ppc64le",
                  "product_id": "libecryptfs1-108-2.5.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libecryptfs1-32bit-108-2.5.ppc64le",
                "product": {
                  "name": "libecryptfs1-32bit-108-2.5.ppc64le",
                  "product_id": "libecryptfs1-32bit-108-2.5.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ecryptfs-utils-108-2.5.s390x",
                "product": {
                  "name": "ecryptfs-utils-108-2.5.s390x",
                  "product_id": "ecryptfs-utils-108-2.5.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ecryptfs-utils-32bit-108-2.5.s390x",
                "product": {
                  "name": "ecryptfs-utils-32bit-108-2.5.s390x",
                  "product_id": "ecryptfs-utils-32bit-108-2.5.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ecryptfs-utils-devel-108-2.5.s390x",
                "product": {
                  "name": "ecryptfs-utils-devel-108-2.5.s390x",
                  "product_id": "ecryptfs-utils-devel-108-2.5.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ecryptfs-utils-devel-32bit-108-2.5.s390x",
                "product": {
                  "name": "ecryptfs-utils-devel-32bit-108-2.5.s390x",
                  "product_id": "ecryptfs-utils-devel-32bit-108-2.5.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libecryptfs1-108-2.5.s390x",
                "product": {
                  "name": "libecryptfs1-108-2.5.s390x",
                  "product_id": "libecryptfs1-108-2.5.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libecryptfs1-32bit-108-2.5.s390x",
                "product": {
                  "name": "libecryptfs1-32bit-108-2.5.s390x",
                  "product_id": "libecryptfs1-32bit-108-2.5.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ecryptfs-utils-108-2.5.x86_64",
                "product": {
                  "name": "ecryptfs-utils-108-2.5.x86_64",
                  "product_id": "ecryptfs-utils-108-2.5.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ecryptfs-utils-32bit-108-2.5.x86_64",
                "product": {
                  "name": "ecryptfs-utils-32bit-108-2.5.x86_64",
                  "product_id": "ecryptfs-utils-32bit-108-2.5.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ecryptfs-utils-devel-108-2.5.x86_64",
                "product": {
                  "name": "ecryptfs-utils-devel-108-2.5.x86_64",
                  "product_id": "ecryptfs-utils-devel-108-2.5.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ecryptfs-utils-devel-32bit-108-2.5.x86_64",
                "product": {
                  "name": "ecryptfs-utils-devel-32bit-108-2.5.x86_64",
                  "product_id": "ecryptfs-utils-devel-32bit-108-2.5.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libecryptfs1-108-2.5.x86_64",
                "product": {
                  "name": "libecryptfs1-108-2.5.x86_64",
                  "product_id": "libecryptfs1-108-2.5.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libecryptfs1-32bit-108-2.5.x86_64",
                "product": {
                  "name": "libecryptfs1-32bit-108-2.5.x86_64",
                  "product_id": "libecryptfs1-32bit-108-2.5.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-108-2.5.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64"
        },
        "product_reference": "ecryptfs-utils-108-2.5.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-108-2.5.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le"
        },
        "product_reference": "ecryptfs-utils-108-2.5.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-108-2.5.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x"
        },
        "product_reference": "ecryptfs-utils-108-2.5.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-108-2.5.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64"
        },
        "product_reference": "ecryptfs-utils-108-2.5.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-32bit-108-2.5.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64"
        },
        "product_reference": "ecryptfs-utils-32bit-108-2.5.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-32bit-108-2.5.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le"
        },
        "product_reference": "ecryptfs-utils-32bit-108-2.5.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-32bit-108-2.5.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x"
        },
        "product_reference": "ecryptfs-utils-32bit-108-2.5.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-32bit-108-2.5.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64"
        },
        "product_reference": "ecryptfs-utils-32bit-108-2.5.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-devel-108-2.5.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64"
        },
        "product_reference": "ecryptfs-utils-devel-108-2.5.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-devel-108-2.5.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le"
        },
        "product_reference": "ecryptfs-utils-devel-108-2.5.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-devel-108-2.5.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x"
        },
        "product_reference": "ecryptfs-utils-devel-108-2.5.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-devel-108-2.5.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64"
        },
        "product_reference": "ecryptfs-utils-devel-108-2.5.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-devel-32bit-108-2.5.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64"
        },
        "product_reference": "ecryptfs-utils-devel-32bit-108-2.5.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-devel-32bit-108-2.5.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le"
        },
        "product_reference": "ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-devel-32bit-108-2.5.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x"
        },
        "product_reference": "ecryptfs-utils-devel-32bit-108-2.5.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ecryptfs-utils-devel-32bit-108-2.5.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64"
        },
        "product_reference": "ecryptfs-utils-devel-32bit-108-2.5.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libecryptfs1-108-2.5.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64"
        },
        "product_reference": "libecryptfs1-108-2.5.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libecryptfs1-108-2.5.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le"
        },
        "product_reference": "libecryptfs1-108-2.5.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libecryptfs1-108-2.5.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x"
        },
        "product_reference": "libecryptfs1-108-2.5.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libecryptfs1-108-2.5.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64"
        },
        "product_reference": "libecryptfs1-108-2.5.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libecryptfs1-32bit-108-2.5.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64"
        },
        "product_reference": "libecryptfs1-32bit-108-2.5.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libecryptfs1-32bit-108-2.5.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le"
        },
        "product_reference": "libecryptfs1-32bit-108-2.5.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libecryptfs1-32bit-108-2.5.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x"
        },
        "product_reference": "libecryptfs1-32bit-108-2.5.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libecryptfs1-32bit-108-2.5.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
        },
        "product_reference": "libecryptfs1-32bit-108-2.5.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2011-1831",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-1831"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-1831",
          "url": "https://www.suse.com/security/cve/CVE-2011-1831"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 709771 for CVE-2011-1831",
          "url": "https://bugzilla.suse.com/709771"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 711539 for CVE-2011-1831",
          "url": "https://bugzilla.suse.com/711539"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2011-1831"
    },
    {
      "cve": "CVE-2011-1832",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-1832"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-1832",
          "url": "https://www.suse.com/security/cve/CVE-2011-1832"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 709771 for CVE-2011-1832",
          "url": "https://bugzilla.suse.com/709771"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 711539 for CVE-2011-1832",
          "url": "https://bugzilla.suse.com/711539"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2011-1832"
    },
    {
      "cve": "CVE-2011-1833",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-1833"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-1833",
          "url": "https://www.suse.com/security/cve/CVE-2011-1833"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 709771 for CVE-2011-1833",
          "url": "https://bugzilla.suse.com/709771"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 711539 for CVE-2011-1833",
          "url": "https://bugzilla.suse.com/711539"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2011-1833"
    },
    {
      "cve": "CVE-2011-1834",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-1834"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount system call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-1834",
          "url": "https://www.suse.com/security/cve/CVE-2011-1834"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 709771 for CVE-2011-1834",
          "url": "https://bugzilla.suse.com/709771"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 711539 for CVE-2011-1834",
          "url": "https://bugzilla.suse.com/711539"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2011-1834"
    },
    {
      "cve": "CVE-2011-1835",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-1835"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-1835",
          "url": "https://www.suse.com/security/cve/CVE-2011-1835"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 709771 for CVE-2011-1835",
          "url": "https://bugzilla.suse.com/709771"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 711539 for CVE-2011-1835",
          "url": "https://bugzilla.suse.com/711539"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2011-1835"
    },
    {
      "cve": "CVE-2011-1836",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-1836"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-1836",
          "url": "https://www.suse.com/security/cve/CVE-2011-1836"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 709771 for CVE-2011-1836",
          "url": "https://bugzilla.suse.com/709771"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 711539 for CVE-2011-1836",
          "url": "https://bugzilla.suse.com/711539"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2011-1836"
    },
    {
      "cve": "CVE-2011-1837",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-1837"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-1837",
          "url": "https://www.suse.com/security/cve/CVE-2011-1837"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 709771 for CVE-2011-1837",
          "url": "https://bugzilla.suse.com/709771"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 711539 for CVE-2011-1837",
          "url": "https://bugzilla.suse.com/711539"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2011-1837"
    },
    {
      "cve": "CVE-2014-9687",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-9687"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-9687",
          "url": "https://www.suse.com/security/cve/CVE-2014-9687"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 920160 for CVE-2014-9687",
          "url": "https://bugzilla.suse.com/920160"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2014-9687"
    },
    {
      "cve": "CVE-2016-1572",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-1572"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
          "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-1572",
          "url": "https://www.suse.com/security/cve/CVE-2016-1572"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 962052 for CVE-2016-1572",
          "url": "https://bugzilla.suse.com/962052"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-108-2.5.x86_64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:ecryptfs-utils-devel-32bit-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-108-2.5.x86_64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.aarch64",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.ppc64le",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.s390x",
            "openSUSE Tumbleweed:libecryptfs1-32bit-108-2.5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-1572"
    }
  ]
}