ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive information via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8946.
www.openwall.com/lists/oss-security/2016/07/13/2
www.openwall.com/lists/oss-security/2016/07/14/3
www.ubuntu.com/usn/USN-3032-1
bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/882
bugs.launchpad.net/ecryptfs/+bug/1597154
bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1447282
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K5WWCVHDLRLZTYMXEIONYFHLYAXXLJW3/