Oval Definition:
oval:com.ubuntu.artful:def:20162854000
Revision Date
:
2016-05-02
Version
:
1
Title
:
CVE-2016-2854 on Ubuntu 17.10 (artful) - low.
Description
:
The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2016-2854
Platform(s)
:
Ubuntu 17.10
Product(s)
:
Definition Synopsis
Ubuntu 17.10 (artful) is installed.
AND
Package Information
NOT
While related to the CVE in some way, the 'linux' package in artful is not affected.
OR
NOT
While related to the CVE in some way, the 'linux-raspi2' package in artful is not affected.
OR
The vulnerability of the 'linux-snapdragon' package in artful is not known (status: 'needs-triage'). It is pending evaluation.
BACK