OVAL Reference oval:com.ubuntu.bionic:def:201813054000

Oval Definition:

oval:com.ubuntu.bionic:def:201813054000

Revision Date:	2018-07-02	Version:	1
Title:	CVE-2018-13054 on Ubuntu 18.04 LTS (bionic) - high.
Description:	An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of (for example) other users' icon files in _on_face_browse_menuitem_activated and _on_face_menuitem_activated. These icon files are written to the respective user's $HOME/.face location. If an unprivileged user prepares a symlink pointing to an arbitrary location, then this location will be overwritten with the icon content.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2018-13054
Platform(s):	Ubuntu 18.04 LTS	Product(s):
Definition Synopsis
Ubuntu 18.04 LTS (bionic) is installed. AND The vulnerability of the 'cinnamon' package in bionic is not known (status: 'needs-triage'). It is pending evaluation.