CVE-2017-6964 Ubuntu Security Notification for Eject Vulnerability (USN-3246-1)

It was discovered that dmcrypt-get-device incorrectly checked setuid and setgid return values.

A local attacker could use this issue to execute code as an administrator.

Refer to Ubuntu advisory USN-3246-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3246-1: 14.04 (Kylin) on src (eject)

USN-3246-1: 16.10 (Yakkety) on src (eject)

USN-3246-1: 16.04 (Xenial) on src (eject)

USN-3246-1: 12.04 (Precise) on src (eject)