| Revision Date: | 2016-05-02 | Version: | 1 | | Title: | CVE-2016-2853 on Ubuntu 18.10 (cosmic) - low. | | Description: | The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2016-2853
| | Platform(s): | Ubuntu 18.10
| Product(s): | | | Definition Synopsis | | Ubuntu 18.10 (cosmic) is installed. AND Package Information
NOT linux-image-4.18.0-21-generic package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-4.18.0-21-generic-lpae package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-4.18.0-21-lowlatency package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-4.18.0-21-snapdragon package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-unsigned-4.18.0-21-generic package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-unsigned-4.18.0-21-lowlatency package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-4.18.0-1017-aws package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-unsigned-4.18.0-1018-azure package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-unsigned-4.18.0-1012-gcp package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-4.18.0-1013-kvm package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-extra-virtual package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-generic package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-generic-lpae package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-lowlatency package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-snapdragon package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-virtual package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-aws package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-azure package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-gcp package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-gke package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-kvm package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-oem package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-raspi2 package in cosmic, while related to the CVE in some way, is not affected.
OR NOT linux-image-unsigned-4.15.0-1038-oem package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-unsigned-4.15.0-1013-oracle package in cosmic, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.18.0-1015-raspi2 package in cosmic, while related to the CVE in some way, is not affected.
OR NOT linux-image-4.18.0-21-generic package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-4.18.0-21-lowlatency package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-4.18.0-1019-azure package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-4.18.0-1012-gcp package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
OR NOT linux-image-4.15.0-1039-oem package in cosmic, while related to the CVE in some way, is not affected (note: 'imported aufs with fix').
|
|