vulnerability
Ubuntu: (Multiple Advisories) (CVE-2017-17689): KDE PIM vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | May 16, 2018 | Nov 19, 2024 | Sep 5, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
May 16, 2018
Added
Nov 19, 2024
Modified
Sep 5, 2025
Description
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
Solutions
ubuntu-pro-upgrade-accountwizardubuntu-pro-upgrade-kmailubuntu-pro-upgrade-libkf5messageviewer5ubuntu-pro-upgrade-libkf5messageviewer5abi4ubuntu-pro-upgrade-libkf5mimetreeparser5abi2ubuntu-pro-upgrade-libkf5templateparser5ubuntu-pro-upgrade-libkf5templateparser5abi2ubuntu-pro-upgrade-libmessageviewer4ubuntu-pro-upgrade-libtemplateparser4
References
- CVE-2017-17689
- https://attackerkb.com/topics/CVE-2017-17689
- UBUNTU-USN-7729-1
- UBUNTU-USN-7730-1
- UBUNTU-USN-7731-1
- URL-https://efail.de
- URL-https://ubuntu.com/security/notices/USN-7729-1
- URL-https://ubuntu.com/security/notices/USN-7730-1
- URL-https://ubuntu.com/security/notices/USN-7731-1
- URL-https://www.cve.org/CVERecord?id=CVE-2017-17689
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.