Bug 989122 - (CVE-2016-6224) VUL-0: CVE-2016-6224: ecryptfs-utils: ecryptfs-setup-swap improperly configures encrypted swap when using GPT partitioning on a NVMe or MMC drive (incomplete fix for CVE-2015-8946)
(CVE-2016-6224)
VUL-0: CVE-2016-6224: ecryptfs-utils: ecryptfs-setup-swap improperly configur...
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 42.2
Other openSUSE 10.2
: P3 - Medium : Normal (vote)
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/170956/
CVSSv2:SUSE:CVE-2016-6224:4.0:(AV:L/A...
:
Depends on:
Blocks: CVE-2015-8946
  Show dependency treegraph
 
Reported: 2016-07-15 09:01 UTC by Andreas Stieger
Modified: 2018-02-01 23:38 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Stieger 2016-07-15 09:01:41 UTC
Via RH:

A vulnerability was found in ecryptfs-setup-swap script that is provided by the upstream ecryptfs-utils project.

When GPT swap partitions are located on NVMe or MMC drives, ecryptfs-setup-swap fails to mark these swap partitions as "no-auto".

As a consequence, when using encrypted home directory with an NVMe or MMC drive, the swap is left unencrypted. There's also a usability issue in that users are erroneously prompted to enter a pass-phrase to unlock their swap partition at boot.

This vulnerability exists due to an incomplete fix for CVE-2015-8946

References:

http://seclists.org/oss-sec/2016/q3/52

Debian bug:

https://bugs.launchpad.net/ecryptfs/+bug/1597154

Fix:

https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/882


References:
https://bugzilla.redhat.com/show_bug.cgi?id=1356828
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6224
http://seclists.org/oss-sec/2016/q3/66
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6224.html
Comment 1 Swamp Workflow Management 2016-07-15 22:00:26 UTC
bugbot adjusting priority
Comment 2 Andreas Stieger 2016-07-22 09:54:57 UTC
Based on the systemd version required to trigger this, SLE and openSUSE Leap 42.1 are not affected.

openSUSE Leap 42.2 and openSUSE Tumblewed are affected with systemd 228.
Comment 5 Swamp Workflow Management 2018-02-01 14:11:45 UTC
SUSE-SU-2018:0336-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 989121,989122
CVE References: CVE-2015-8946,CVE-2016-6224
Sources used:
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    ecryptfs-utils-103-8.3.1
SUSE Linux Enterprise Server 12-SP3 (src):    ecryptfs-utils-103-8.3.1
SUSE Linux Enterprise Server 12-SP2 (src):    ecryptfs-utils-103-8.3.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    ecryptfs-utils-103-8.3.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    ecryptfs-utils-103-8.3.1
Comment 6 Andreas Stieger 2018-02-01 18:52:02 UTC
done
Comment 7 Swamp Workflow Management 2018-02-01 23:11:33 UTC
openSUSE-SU-2018:0344-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 989121,989122
CVE References: CVE-2015-8946,CVE-2016-6224
Sources used:
openSUSE Leap 42.3 (src):    ecryptfs-utils-103-7.1