Fluid Attacks Database

Description

mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	util-linux	>=0 <2.20.1-1	2.20.1-1
debian 11	util-linux	>=0 <2.20.1-1	2.20.1-1
debian 13	util-linux	>=0 <2.20.1-1	2.20.1-1
debian 14	util-linux	>=0 <2.20.1-1	2.20.1-1
rpm rhel6	util-linux-ng	<0:2.17.2-12.4.el6	0:2.17.2-12.4.el6
rpm rhel5	util-linux	<0:2.13-0.59.el5	0:2.13-0.59.el5

Aliases

1. CVE-2011-16752. NVD-2011-16753. OSV-DEBIAN-2011-16754. OSV-2011-16755. SECURITY-TRACKER-CVE-2011-1675

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.