CVE-2011-1089 in C Libraryinfo

Summary

The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

02/24/2011

Disclosure

04/09/2011

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-16 (Confirmed)

CVSS

5.1

EPSS

0.00087

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-1089
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-1089
CVE Details	https://www.cvedetails.com/cve/CVE-2011-1089/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!