USN-3032-1: eCryptfs vulnerability

14 July 2016

ecryptfs-utils vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 16.04 LTS
  • Ubuntu 15.10

Summary

eCryptfs could be made to expose sensitive information.

Software Description

  • ecryptfs-utils - eCryptfs cryptographic filesystem utilities

Details

It was discovered that eCryptfs incorrectly configured the encrypted swap partition for certain drive types. An attacker could use this issue to discover sensitive information.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS
ecryptfs-utils - 111-0ubuntu1.1
Ubuntu 15.10
ecryptfs-utils - 108-0ubuntu1.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

References