Fscrypt Google Fscrypt

  1. Vendors
  2. Google
  3. Fscrypt
stack.watch can email you when security vulnerabilities are reported in Google Fscrypt. You can add multiple products that you use with Fscrypt to create your own personal software stack watcher.

By the Year

In 2021 there have been 0 vulnerabilities in Google Fscrypt . Fscrypt did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 1 6.50

It may take a day or so for new Fscrypt vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest Google Fscrypt Security Vulnerabilities

The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications

CVE-2018-6558 6.5 - Medium - August 23, 2018

The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam).

CVE-2018-6558 is exploitable with network access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.