You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space. We recommend upgrading to fscrypt v0.3.3 or above and adjusting the permissions on existing fscrypt metadata directories where applicable.
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
Learn more on MITRE.
fscryptthrough v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space. We recommend upgrading tofscryptv0.3.3 or above and adjusting the permissions on existingfscryptmetadata directories where applicable.For more details, see CVE-2022-25326 and https://github.com/google/fscrypt#setting-up-fscrypt-on-a-filesystem.