Описание
Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set.
A flaw was discovered in pipewire-pulse, where Snap allows microphone access even in the absence of a configured snap interface for audio recording.
Отчет
This issue does not impact any Red Hat products since snapd is neither supported nor shipped in Red Hat Enterprise Linux (RHEL).
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 | firefox:flatpak/pipewire | Not affected | ||
| Red Hat Enterprise Linux 8 | pipewire | Not affected | ||
| Red Hat Enterprise Linux 8 | pipewire0.2 | Not affected | ||
| Red Hat Enterprise Linux 8 | thunderbird:flatpak/pipewire | Not affected | ||
| Red Hat Enterprise Linux 9 | pipewire | Not affected |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set.
Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set.
Ubuntu's pipewire-pulse in snap grants microphone access even when the ...
Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set.
EPSS
5.5 Medium
CVSS3