VDB

CVE-2018-6553

CVE-2018-6553 PUBLISHED

The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, prior to 2.2.4-7ubuntu3.1 in Ubuntu 17.10, prior to 2.1.3-4ubuntu0.5 in Ubuntu 16.04 LTS, and prior to 1.7.2-0ubuntu1.10 in Ubuntu 14.04 LTS.

EPSS 0.15% · 34.9th percentile

Risk Scores

EPSS Score
0.15%
34.9th percentile

Affected Products

VendorProductVersions
Ubuntu:16.04:LTScups2.1.3-1build1, 2.1.3-4ubuntu0.4, 0
Ubuntu:18.04:LTScups0, 2.2.6-4, 2.2.6-2
Ubuntu:14.04:LTScups1.7.2-0ubuntu1.4, 1.7.2-0ubuntu1.5, 1.7.2-0ubuntu1.6

Timeline

  • Jul 11, 2018 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›