[USN-3032-1] eCryptfs vulnerability

Tyler Hicks tyhicks at canonical.com
Thu Jul 14 15:37:41 UTC 2016

Ubuntu Security Notice USN-3032-1
July 14, 2016

ecryptfs-utils vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS
- Ubuntu 15.10


eCryptfs could be made to expose sensitive information.

Software Description:
- ecryptfs-utils: eCryptfs cryptographic filesystem utilities


It was discovered that eCryptfs incorrectly configured the encrypted swap
partition for certain drive types. An attacker could use this issue to discover
sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  ecryptfs-utils                  111-0ubuntu1.1

Ubuntu 15.10:
  ecryptfs-utils                  108-0ubuntu1.2

After a standard system update you need to reboot your computer to make
all the necessary changes.


Package Information:

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20160714/17e9c063/attachment.sig>

More information about the ubuntu-security-announce mailing list