Oval Definition:	oval:com.ubuntu.trusty:def:20162853000
Revision Date: 2016-05-02 Version: 1 Title: CVE-2016-2853 on Ubuntu 14.04 LTS (trusty) - low. Description: The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-2853 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND Package Information The vulnerability of the 'linux' package in trusty is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'linux-aws' package in trusty is not known (status: 'needs-triage'). It is pending evaluation. OR NOT While related to the CVE in some way, the 'linux-azure' package in trusty is not affected (note: 'imported aufs with fix'). OR While related to the CVE in some way, a decision has been made to ignore it. OR While related to the CVE in some way, a decision has been made to ignore it. OR While related to the CVE in some way, a decision has been made to ignore it. OR While related to the CVE in some way, a decision has been made to ignore it (note: 'end-of-life'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'was needs-triage now end-of-life'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'end-of-life'). OR The vulnerability of the 'linux-lts-xenial' package in trusty is not known (status: 'needs-triage'). It is pending evaluation. OR While related to the CVE in some way, a decision has been made to ignore it. OR While related to the CVE in some way, a decision has been made to ignore it. OR While related to the CVE in some way, a decision has been made to ignore it.
BACK