Bug 572500 (CVE-2016-1572) - sys-fs/ecryptfs-utils: privilege escalation by mounting over /proc/$pid (CVE-2016-1572)
Alias: CVE-2016-1572
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal trivial
Assignee: Gentoo Security
Whiteboard: ~1 [noglsa]
Depends on: 595264
Reported: 2016-01-21 10:10 UTC by Thomas Deutschmann
Modified: 2020-03-25 21:26 UTC
Description Thomas Deutschmann gentoo-dev Security 2016-01-21 10:10:09 UTC
An unprivileged user can mount an ecryptfs over /proc/$pid because according to stat(), it is a normal directory and owned by the user. However, the user is not actually permitted to create arbitrary directory entries in /proc/$pid, and ecryptfs' behavior might be enabling privilege escalation attacks with the help of other programs that use procfs.


Upstream bug report with reproducer:

Proposed upstream patch:

Red Hat Bug:
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-09-20 00:52:42 UTC
@Maintainers ping.

Gentoo Security Padawan
Comment 2 Michael Boyle 2018-05-16 23:52:14 UTC
@maintainers ping.
The fix was implemented upstream and released, please bump.

Michael Boyle
Gentoo Security Padawan
Comment 3 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2018-05-17 16:36:11 UTC
the package has no stable keywords
Comment 4 Larry the Git Cow gentoo-dev 2019-10-14 15:08:11 UTC
The bug has been referenced in the following commit(s):

commit c8d52e5c7308ae8eb0b87cc373289b0385d896a9
Author:     Ben Kohler <>
AuthorDate: 2019-10-14 15:06:01 +0000
Commit:     Ben Kohler <>
CommitDate: 2019-10-14 15:07:49 +0000

    sys-fs/ecryptfs-utils: bump to new snapshot
    Version bump bug has been open over 3 years with no known blocking
    problems.  I'm doing a non-maintainer bump to fix several outstanding
    Package-Manager: Portage-2.3.76, Repoman-2.3.17
    Signed-off-by: Ben Kohler <>

 sys-fs/ecryptfs-utils/Manifest                     |  1 +
 .../ecryptfs-utils-111_p20170609.ebuild            | 94 ++++++++++++++++++++++
 2 files changed, 95 insertions(+)
Comment 5 Larry the Git Cow gentoo-dev 2020-03-25 21:25:21 UTC
The bug has been referenced in the following commit(s):

commit d42e0b99be21688c9ca4b9bbb5a38c732bc0c961
Author:     Sam James (sam_c) <>
AuthorDate: 2020-03-25 03:26:37 +0000
Commit:     Thomas Deutschmann <>
CommitDate: 2020-03-25 21:24:41 +0000

    sys-fs/ecryptfs-utils: security cleanup (bug #572500)
    Signed-off-by: Sam James (sam_c) <>
    Signed-off-by: Thomas Deutschmann <>

 sys-fs/ecryptfs-utils/Manifest                     |  1 -
 sys-fs/ecryptfs-utils/ecryptfs-utils-108-r3.ebuild | 84 ----------------------
 2 files changed, 85 deletions(-)
Comment 6 Thomas Deutschmann gentoo-dev Security 2020-03-25 21:26:13 UTC
Repository is clean, all done!