CVE-2015-8946 — Improper Input Validation in Ecryptfs-utils
Severity
3.3LOWNVD
EPSS
0.1%
top 68.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 22
Latest updateMay 17
Description
ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors.
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4
Affected Packages4 packages
Also affects: Ubuntu Linux 14.04, 15.10, 16.04
🔴Vulnerability Details
4GHSA▶
GHSA-q38r-hcf4-gx69: ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe↗2022-05-17
GHSA▶
GHSA-75gv-98wv-gmx4: ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and↗2022-05-17
OSV▶
CVE-2016-6224: ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe↗2016-07-22
OSV▶
CVE-2015-8946: ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and↗2016-07-22
📋Vendor Advisories
4Red Hat▶
ecryptfs-utils: ecryptfs-setup-swap improperly configures encrypted swap when using GPT partitioning on a NVMe or MMC drive↗2016-07-06
Debian▶
CVE-2016-6224: ecryptfs-utils - ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition ...↗2016
Red Hat▶
ecryptfs-utils: ecryptfs-setup-swap improperly configures encrypted swap when using GPT partitioning↗2015-08-04
Debian▶
CVE-2015-8946: ecryptfs-utils - ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap...↗2015