Oval Definition:oval:com.ubuntu.xenial:def:201812367000
Revision Date:2018-10-18Version:1
Title:CVE-2018-12367 on Ubuntu 16.04 LTS (xenial) - medium.
Description:In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work PerformanceNavigationTiming was not adjusted but it was found that it could be used as a precision timer. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-12367
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND The 'firefox' package in xenial was vulnerable but has been fixed (note: '61.0+build3-0ubuntu0.16.04.2').
    • BACK