CVE-2018-6557

NameCVE-2018-6557
DescriptionThe MOTD update script in the base-files package in Ubuntu 18.04 LTS before 10.1ubuntu2.2, and Ubuntu 18.10 before 10.1ubuntu6 incorrectly handled temporary files. A local attacker could use this issue to cause a denial of service, or possibly escalate privileges if kernel symlink restrictions were disabled.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
base-files (PTS)bullseye11.1+deb11u11fixed
bookworm12.4+deb12u8fixed
sid, trixie13.6fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
base-filessource(unstable)(not affected)

Notes

- base-files <not-affected> (Ubuntu specific motd update code; vulnerable code not present)

Search for package or bug name: Reporting problems