Oval Definition:oval:com.ubuntu.bionic:def:201869540000000
Revision Date:2018-02-13Version:1
Title:CVE-2018-6954 on Ubuntu 18.04 LTS (bionic) - medium.
Description:systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. This occurs even if the fs.protected_symlinks sysctl is turned on.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-6954
Platform(s):Ubuntu 18.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 18.04 LTS (bionic) is installed.
  • AND systemd package in bionic was vulnerable but has been fixed (note: '237-3ubuntu10.9').
  • BACK