CVE-2016-6349

Publication date 29 March 2017

Last updated 25 August 2025

Ubuntu priority

Low

Why this priority?

Cvss 3 Severity Score

3.3 · Low

Score breakdown

Description

The machinectl command in oci-register-machine allows local users to list running containers and possibly obtain sensitive information by running that command.

Read the notes from the security team

Status

Package Ubuntu Release Status
systemd 16.04 LTS xenial
Not affected
15.10 wily Ignored end of life
14.04 LTS trusty
Not affected
12.04 LTS precise Not in release

Notes

mdeslaur

only affects project atomic docker hook, and upstream doesn't think this is a security issue.

sbeattie

project atomic has agreed; marking systemd as not-affected

Severity score breakdown

CVSS version: CVSS v3.0

Base score 3.3 · Low

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

References

Other references

Access our resources on patching vulnerabilities