Oval Definition:	oval:com.ubuntu.xenial:def:20167118000
Revision Date: 2016-08-31 Version: 1 Title: CVE-2016-7118 on Ubuntu 16.04 LTS (xenial) - low. Description: fs/fcntl.c in the "aufs 3.2.x+setfl-debian" patch in the linux-image package 3.2.0-4 (kernel 3.2.81-1) in Debian wheezy mishandles F_SETFL fcntl calls on directories, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via standard filesystem operations, as demonstrated by scp from an AUFS filesystem. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-7118 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND Package Information NOT While related to the CVE in some way, the 'linux' package in xenial is not affected (note: 'aufs setfl code not included'). OR NOT While related to the CVE in some way, the 'linux-aws' package in xenial is not affected. OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR NOT While related to the CVE in some way, the 'linux-gke' package in xenial is not affected. OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR NOT While related to the CVE in some way, the 'linux-hwe' package in xenial is not affected. OR NOT While related to the CVE in some way, the 'linux-hwe-edge' package in xenial is not affected. OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR NOT While related to the CVE in some way, the 'linux-raspi2' package in xenial is not affected (note: 'aufs setfl code not included'). OR NOT While related to the CVE in some way, the 'linux-snapdragon' package in xenial is not affected (note: 'aufs setfl code not included').
BACK