CVE-2015-8946

EUVD-2015-8802
ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
Affected Products (NVD)
VendorProductVersion
canonicalubuntu_linux
15.10
canonicalubuntu_linux
16.04
ecryptfsecryptfs-utils
𝑥
≤ 110
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ecryptfs-utils
bookworm
111-6
fixed
bullseye
111-5
fixed
jessie
no-dsa
sid
111-7
fixed
wheezy
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ecryptfs-utils
precise
not-affected
trusty
not-affected
wily
not-affected
xenial
not-affected
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2016/07/13/2
http://www.openwall.com/lists/oss-security/2016/07/14/3
http://www.ubuntu.com/usn/USN-3032-1
https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/857
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1447282
http://www.openwall.com/lists/oss-security/2016/07/13/2
http://www.openwall.com/lists/oss-security/2016/07/14/3
http://www.ubuntu.com/usn/USN-3032-1
https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/857
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1447282