[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247974

 
 

909

 
 

194654

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-8946Date: (C)2016-08-25   (M)2023-12-22


ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 3.3CVSS Score : 2.1
Exploit Score: 1.8Exploit Score: 3.9
Impact Score: 1.4Impact Score: 2.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector: LOCAL
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: LOWAuthentication: NONE
User Interaction: NONEConfidentiality: PARTIAL
Scope: UNCHANGEDIntegrity: NONE
Confidentiality: LOWAvailability: NONE
Integrity: NONE 
Availability: NONE 
  
Reference:
USN-3032-1
http://www.openwall.com/lists/oss-security/2016/07/13/2
http://www.openwall.com/lists/oss-security/2016/07/14/3
https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/857
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1447282

CPE    3
cpe:/o:canonical:ubuntu_linux:15.10
cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
cpe:/a:ecryptfs:ecryptfs-utils
CWE    1
CWE-20
OVAL    3
oval:org.secpod.oval:def:89002385
oval:org.secpod.oval:def:110889
oval:org.secpod.oval:def:111564

© SecPod Technologies