CVE-2016-6224

ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive information via unspecified vectors.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8946.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
Affected Products (NVD)
VendorProductVersion
ecryptfsecryptfs-utils
𝑥
≤ 110
canonicalubuntu_linux
14.04
canonicalubuntu_linux
15.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ecryptfs-utils
bookworm
111-6
fixed
bullseye
111-5
fixed
sid
111-7
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ecryptfs-utils
precise
not-affected
trusty
not-affected
wily
Fixed 108-0ubuntu1.2
released
xenial
Fixed 111-0ubuntu1.1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
ecryptfs-utils-103
suse enterprise sap 12 SP2
8.3.1
fixed
suse enterprise sap 12 SP3
8.3.1
fixed
suse enterprise sap 12 SP5
8.3.1
fixed
suse enterprise server 12 SP2
8.3.1
fixed
suse enterprise server 12 SP3
8.3.1
fixed
suse enterprise server 12 SP4
8.3.1
fixed
suse enterprise server 12 SP5
8.3.1
fixed
ecryptfs-utils-32bit-103
suse enterprise sap 12 SP2
8.3.1
fixed
suse enterprise sap 12 SP3
8.3.1
fixed
suse enterprise sap 12 SP5
8.3.1
fixed
suse enterprise server 12 SP2
8.3.1
fixed
suse enterprise server 12 SP3
8.3.1
fixed
suse enterprise server 12 SP4
8.3.1
fixed
suse enterprise server 12 SP5
8.3.1
fixed
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2016/07/13/2
http://www.openwall.com/lists/oss-security/2016/07/14/3
http://www.ubuntu.com/usn/USN-3032-1
https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/882
https://bugs.launchpad.net/ecryptfs/+bug/1597154
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1447282
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K5WWCVHDLRLZTYMXEIONYFHLYAXXLJW3/
http://www.openwall.com/lists/oss-security/2016/07/13/2
http://www.openwall.com/lists/oss-security/2016/07/14/3
http://www.ubuntu.com/usn/USN-3032-1
https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/882
https://bugs.launchpad.net/ecryptfs/+bug/1597154
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1447282
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K5WWCVHDLRLZTYMXEIONYFHLYAXXLJW3/