CVE-2023-3297

Опубликовано: 01 сент. 2023

Источник: debian

EPSS Низкий

Описание

In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
accountsservice	not-affected			package

Примечания

https://bugs.launchpad.net/ubuntu/+source/accountsservice/+bug/2024182

EPSS

Процентиль: 18%

0.00056

Низкий

Связанные уязвимости

CVE-2023-3297

CVSS3: 8.1

ubuntu

больше 2 лет назад

In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process.

CVE-2023-3297

CVSS3: 8.4

redhat

больше 2 лет назад

In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process.

CVE-2023-3297

CVSS3: 8.1

nvd

больше 2 лет назад

In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process.

CVE-2023-3297

CVSS3: 7.8

msrc

12 месяцев назад

Описание отсутствует

GHSA-gr7p-26mx-9pgw

CVSS3: 8.1

github

больше 2 лет назад

In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process.

EPSS

Процентиль: 18%

0.00056

Низкий