CVE-2018-6553

Priority
Description
The CUPS AppArmor profile incorrectly confined the dnssd backend due to use
of hard links. A local attacker could possibly use this issue to escape
confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu
18.04 LTS, prior to 2.2.4-7ubuntu3.1 in Ubuntu 17.10, prior to
2.1.3-4ubuntu0.5 in Ubuntu 16.04 LTS, and prior to 1.7.2-0ubuntu1.10 in
Ubuntu 14.04 LTS.
Assigned-to
mdeslaur
Notes
Package
Source: cups (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [1.7.2-0ubuntu1.10])
Ubuntu 16.04 LTS (Xenial Xerus):released (2.1.3-4ubuntu0.5)
Ubuntu 18.04 LTS (Bionic Beaver):released (2.2.7-1ubuntu2.1)
More Information

Updated: 2020-09-10 05:59:15 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)