CVE-2015-8946
LOWCanonical Ubuntu Linux < 110 - Improper Input Validation
Title source: ruleDescription
ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors.
References (5)
Core 5
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2016/07/14/3
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2016/07/13/2
Various Sources x_refsource_confirm
https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/857
Issue Tracking x_refsource_confirm
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1447282
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-3032-1
Scores
CVSS v3
3.3
EPSS
0.0035
EPSS Percentile
27.3%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-20
Status
published
Products (3)
canonical/ubuntu_linux
15.10
canonical/ubuntu_linux
16.04
ecryptfs/ecryptfs-utils
< 110
Published
Jul 22, 2016
Tracked Since
Feb 18, 2026