Oval Definition:oval:com.ubuntu.xenial:def:20186556000
Revision Date:2018-08-10Version:1
Title:CVE-2018-6556 on Ubuntu 16.04 LTS (xenial) - medium.
Description:lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-6556
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND NOT While related to the CVE in some way, the 'lxc' package in xenial is not affected (note: '2.0.8-0ubuntu1~16.04.2').
  • BACK