Oval Definition:oval:com.ubuntu.bionic:def:2017165390000000
Revision Date:2017-11-04Version:1
Title:CVE-2017-16539 on Ubuntu 18.04 LTS (bionic) - medium.
Description:The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels are used) by leveraging Docker container access to write a "scsi remove-single-device" line to /proc/scsi/scsi, aka SCSI MICDROP.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-16539
Platform(s):Ubuntu 18.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 18.04 LTS (bionic) is installed.
  • AND docker.io package in bionic was vulnerable but has been fixed (note: '18.06.1-0ubuntu1~18.04.1').
    • BACK