CVE-2015-8946

LOW

Canonical Ubuntu Linux < 110 - Improper Input Validation

Title source: rule
STIX 2.1

Description

ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors.

References (5)

Core 5
Core References
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2016/07/14/3
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2016/07/13/2
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-3032-1

Scores

CVSS v3 3.3
EPSS 0.0035
EPSS Percentile 27.3%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-20
Status published
Products (3)
canonical/ubuntu_linux 15.10
canonical/ubuntu_linux 16.04
ecryptfs/ecryptfs-utils < 110
Published Jul 22, 2016
Tracked Since Feb 18, 2026