CVE-2016-10369

Metadata

medium
4.6
lxterminal
CVE-2016-10369
cve.mitre.org, unix.stackexchange.com, bugs.debian.org
2017-05-08
2017-08-04 03:03
v3.6/main/lxterminal-0.3.0-r1
CVE-2016-10369 lxterminal
2017-07-20 21:33
2017-06-16 19:17
2017-05-24 19:03
2017-05-11 02:03

Description

unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
trusty lxterminal 0.1.11-4ubuntu3.1
upstream lxterminal 0.3.0-2
xenial lxterminal 0.2.0-1ubuntu0.1
zesty lxterminal 0.3.0-1ubuntu0.1

Unaffected

Release Package Reason
precise/esm lxterminal DNE
vivid/stable-phone-overlay lxterminal DNE
vivid/ubuntu-core lxterminal DNE
yakkety lxterminal ignored
devel lxterminal not-affected