Oval Definition:
oval:com.ubuntu.cosmic:def:20162854000
Revision Date
:
2016-05-02
Version
:
1
Title
:
CVE-2016-2854 on Ubuntu 18.10 (cosmic) - low.
Description
:
The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2016-2854
Platform(s)
:
Ubuntu 18.10
Product(s)
:
Definition Synopsis
Ubuntu 18.10 (cosmic) is installed.
AND
Package Information
NOT
While related to the CVE in some way, the 'linux' package in cosmic is not affected.
OR
NOT
While related to the CVE in some way, the 'linux-aws' package in cosmic is not affected (note: 'imported aufs with fix').
OR
The vulnerability of the 'linux-azure' package in cosmic is not known (status: 'needs-triage'). It is pending evaluation.
OR
NOT
While related to the CVE in some way, the 'linux-gcp' package in cosmic is not affected (note: 'imported aufs with fix').
OR
NOT
While related to the CVE in some way, the 'linux-kvm' package in cosmic is not affected (note: 'imported aufs with fix').
OR
NOT
While related to the CVE in some way, the 'linux-oem' package in cosmic is not affected.
OR
NOT
While related to the CVE in some way, the 'linux-oracle' package in cosmic is not affected.
OR
NOT
While related to the CVE in some way, the 'linux-raspi2' package in cosmic is not affected.
BACK