CVE-2018-12365

Priority
Medium
Description
A compromised IPC child process can escape the content sandbox and list the
names of arbitrary files on the file system without user consent or
interaction. This could result in exposure of private local files.
References
Assigned-to
chrisccoulson
Package
Priority: Low
Upstream:released (52.9.0)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (1:52.9.1+build3-0ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (1:52.9.1+build3-0ubuntu0.16.04.1)
Ubuntu 17.10 (Artful Aardvark):released (1:52.9.1+build3-0ubuntu0.17.10.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (1:52.9.1+build3-0ubuntu0.18.04.1)
Ubuntu 18.10 (Cosmic Cuttlefish):needed
Package
Upstream:released (61.0)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (61.0+build3-0ubuntu0.14.04.2)
Ubuntu 16.04 LTS (Xenial Xerus):released (61.0+build3-0ubuntu0.16.04.2)
Ubuntu 17.10 (Artful Aardvark):released (61.0+build3-0ubuntu0.17.10.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (61.0+build3-0ubuntu0.18.04.1)
Ubuntu 18.10 (Cosmic Cuttlefish):needed
More Information

Updated: 2018-07-12 20:14:26 UTC (commit edf68743138677003af977833d917a85f01e58d4)