Oval Definition:oval:com.ubuntu.xenial:def:20175180000
Revision Date:2017-02-09Version:1
Title:CVE-2017-5180 on Ubuntu 16.04 LTS (xenial) - medium.
Description:Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-5180
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND The 'firejail' package in xenial was vulnerable but has been fixed (note: '0.9.38-1ubuntu0.1').
  • BACK