Approved changes feed: RSS · Atom
cpe:2.3:a:google_llc:fscrypt:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Google Llc (c72c74b5-1c39-5d47-98b8-8dacb6f7d99a) |
|---|---|
| Product | Fscrypt (d3a89a8c-92ca-592f-9e14-dd3f18bcbca3) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-25328 |
vulnerable | 2026-06-03 14:46:37.553709 |
Privilege escalation through command injection in fscrypt
MEDIUM (5)
The bash_completion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a malicious mountpoint path and if the system administrator happens to be using the fscrypt bash completion script to complete mountpoint paths. We recommend upgrading to version 0.3.3 or above
Published: 2022-02-25T11:00:15.758Z
Updated: 2025-04-21T13:56:13.459Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-25327 |
vulnerable | 2026-06-03 14:46:37.553236 |
Local Denial of Service in fscrypt PAM module
MEDIUM (5.5)
The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a denial of service by creating a fscrypt metadata file that prevents other users from logging into the system. We recommend upgrading to version 0.3.3 or above
Published: 2022-02-25T11:00:14.437Z
Updated: 2025-04-21T13:56:22.478Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-25326 |
vulnerable | 2026-06-03 14:46:37.552042 |
Denial of Service in fscrypt
MEDIUM (5.5)
fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space. We recommend upgrading to fscrypt 0.3.3 or above and adjusting the permissions on existing fscrypt metadata directories where applicable.
Published: 2022-02-25T11:00:13.023Z
Updated: 2025-04-21T13:56:31.289Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.