Oval Definition:	oval:com.ubuntu.trusty:def:201713305000
Revision Date: 2018-04-04 Version: 1 Title: CVE-2017-13305 on Ubuntu 14.04 LTS (trusty) - medium. Description: A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974. It was discovered that a buffer overread vulnerability existed in the keyring subsystem of the Linux kernel. A local attacker could possibly use this to expose sensitive information (kernel memory). Family: unix Class: vulnerability Status: Reference(s): CVE-2017-13305 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND Package Information The 'linux' package in trusty was vulnerable but has been fixed (note: '3.13.0-149.199'). OR The 'linux-aws' package in trusty was vulnerable but has been fixed (note: '4.4.0-1017.17'). OR NOT While related to the CVE in some way, the 'linux-azure' package in trusty is not affected (note: '4.15.0-1023.24~14.04.1'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'end-of-life'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'end-of-life'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'end-of-life'). OR The 'linux-lts-xenial' package in trusty was vulnerable but has been fixed (note: '4.4.0-121.145~14.04.1'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
BACK