Oval Definition:oval:com.ubuntu.xenial:def:201869540000000
Revision Date:2018-02-13Version:1
Title:CVE-2018-6954 on Ubuntu 16.04 LTS (xenial) - medium.
Description:systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. This occurs even if the fs.protected_symlinks sysctl is turned on.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-6954
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND systemd package in xenial was vulnerable but has been fixed (note: '229-4ubuntu21.15').
    • BACK