CVE-2016-6224

Published: 22 July 2016

ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive information via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8946.

Priority

Medium

CVSS 3 base score: 3.3

Status

Package Release Status
ecryptfs-utils
Launchpad, Ubuntu, Debian
Upstream Pending
(112)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (111-0ubuntu1.1)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(systemd not in use)
Patches:
Upstream: https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/859

Notes

AuthorNote
tyhicks
This issue only occurs when systemd and GPT partitioning is in use on
an NVMe or MMC drive

References

Bugs