cnvd - cnvd-2016-05533

cnvd-2016-05533

Vulnerability from cnvd

Title: eCryptfs ecryptfs-setup-swap信息泄露漏洞（CNVD-2016-05533）

Description:

eCryptfs（Enterprise Cryptographic Filesystem，企业加密文件系统）是软件开发者Dustin Kirkland和Tyler Hicks共同维护的的一套适用于加密Linux系统的磁盘加密软件。该软件兼容POSIX文件系统级加密，并支持文件粒度（文件或目录）加密、多种加密方式等。

eCryptfs 111之前的版本中的ecryptfs-setup-swap存在信息泄露漏洞。本地攻击者可利用该漏洞获取敏感信息。

Severity: 中

Patch Name: eCryptfs ecryptfs-setup-swap信息泄露漏洞（CNVD-2016-05533）的补丁

Patch Description:

eCryptfs 111之前的版本中的ecryptfs-setup-swap存在信息泄露漏洞。本地攻击者可利用该漏洞获取敏感信息。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题，详情请关注厂商主页： http://ecryptfs.org/

Reference: http://www.openwall.com/lists/oss-security/2016/07/13/2 http://www.openwall.com/lists/oss-security/2016/07/14/3 https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/857

Impacted products

Name
eCryptfs eCryptfs <111

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "91791"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-8946"
    }
  },
  "description": "eCryptfs\uff08Enterprise Cryptographic Filesystem\uff0c\u4f01\u4e1a\u52a0\u5bc6\u6587\u4ef6\u7cfb\u7edf\uff09\u662f\u8f6f\u4ef6\u5f00\u53d1\u8005Dustin Kirkland\u548cTyler Hicks\u5171\u540c\u7ef4\u62a4\u7684\u7684\u4e00\u5957\u9002\u7528\u4e8e\u52a0\u5bc6Linux\u7cfb\u7edf\u7684\u78c1\u76d8\u52a0\u5bc6\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u517c\u5bb9POSIX\u6587\u4ef6\u7cfb\u7edf\u7ea7\u52a0\u5bc6\uff0c\u5e76\u652f\u6301\u6587\u4ef6\u7c92\u5ea6\uff08\u6587\u4ef6\u6216\u76ee\u5f55\uff09\u52a0\u5bc6\u3001\u591a\u79cd\u52a0\u5bc6\u65b9\u5f0f\u7b49\u3002\r\n\r\neCryptfs 111\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u7684ecryptfs-setup-swap\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "Tyler Hicks",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttp://ecryptfs.org/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-05533",
  "openTime": "2016-07-27",
  "patchDescription": "eCryptfs\uff08Enterprise Cryptographic Filesystem\uff0c\u4f01\u4e1a\u52a0\u5bc6\u6587\u4ef6\u7cfb\u7edf\uff09\u662f\u8f6f\u4ef6\u5f00\u53d1\u8005Dustin Kirkland\u548cTyler Hicks\u5171\u540c\u7ef4\u62a4\u7684\u7684\u4e00\u5957\u9002\u7528\u4e8e\u52a0\u5bc6Linux\u7cfb\u7edf\u7684\u78c1\u76d8\u52a0\u5bc6\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u517c\u5bb9POSIX\u6587\u4ef6\u7cfb\u7edf\u7ea7\u52a0\u5bc6\uff0c\u5e76\u652f\u6301\u6587\u4ef6\u7c92\u5ea6\uff08\u6587\u4ef6\u6216\u76ee\u5f55\uff09\u52a0\u5bc6\u3001\u591a\u79cd\u52a0\u5bc6\u65b9\u5f0f\u7b49\u3002\r\n\r\neCryptfs 111\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u7684ecryptfs-setup-swap\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "eCryptfs ecryptfs-setup-swap\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2016-05533\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "eCryptfs eCryptfs \u003c111"
  },
  "referenceLink": "http://www.openwall.com/lists/oss-security/2016/07/13/2\r\nhttp://www.openwall.com/lists/oss-security/2016/07/14/3\r\nhttps://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/857",
  "serverity": "\u4e2d",
  "submitTime": "2016-07-25",
  "title": "eCryptfs ecryptfs-setup-swap\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2016-05533\uff09"
}

CVE-2015-8946 (GCVE-0-2015-8946)

Vulnerability from cvelistv5

Published

2016-07-22 14:00

Modified

2024-08-06 08:36

Severity ?

CWE

Summary

ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors.

References

▼	URL	Tags
	http://www.openwall.com/lists/oss-security/2016/07/14/3	mailing-list, x_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2016/07/13/2	mailing-list, x_refsource_MLIST
	https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/857	x_refsource_CONFIRM
	https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1447282	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3032-1	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:36:30.716Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160714 Re: CVE Requests: Information exposure caused by ecryptfs-setup-swap failures",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/07/14/3"
          },
          {
            "name": "[oss-security] 20160713 CVE Requests: Information exposure caused by ecryptfs-setup-swap failures",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/07/13/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/857"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1447282"
          },
          {
            "name": "USN-3032-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3032-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-08-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-07-22T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20160714 Re: CVE Requests: Information exposure caused by ecryptfs-setup-swap failures",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/07/14/3"
        },
        {
          "name": "[oss-security] 20160713 CVE Requests: Information exposure caused by ecryptfs-setup-swap failures",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/07/13/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/857"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1447282"
        },
        {
          "name": "USN-3032-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3032-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-8946",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160714 Re: CVE Requests: Information exposure caused by ecryptfs-setup-swap failures",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/07/14/3"
            },
            {
              "name": "[oss-security] 20160713 CVE Requests: Information exposure caused by ecryptfs-setup-swap failures",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/07/13/2"
            },
            {
              "name": "https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/857",
              "refsource": "CONFIRM",
              "url": "https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/857"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1447282",
              "refsource": "CONFIRM",
              "url": "https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1447282"
            },
            {
              "name": "USN-3032-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3032-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-8946",
    "datePublished": "2016-07-22T14:00:00",
    "dateReserved": "2016-07-14T00:00:00",
    "dateUpdated": "2024-08-06T08:36:30.716Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted