Описание
Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the user_change_language_authorized_cb function. This is reachable via the SetLanguage dbus function. This is fixed in versions 0.6.55-0ubuntu12~20.04.5, 0.6.55-0ubuntu13.3, 0.6.55-0ubuntu14.1.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | 0.6.45-1ubuntu1.3 |
| devel | released | 0.6.55-3ubuntu2 |
| esm-infra-legacy/trusty | not-affected | |
| esm-infra/bionic | not-affected | 0.6.45-1ubuntu1.3 |
| esm-infra/focal | released | 0.6.55-0ubuntu12~20.04.5 |
| esm-infra/xenial | not-affected | |
| focal | released | 0.6.55-0ubuntu12~20.04.5 |
| hirsute | released | 0.6.55-0ubuntu13.3 |
| impish | released | 0.6.55-0ubuntu14.1 |
| jammy | released | 0.6.55-3ubuntu2 |
Показывать по
EPSS
7.2 High
CVSS2
7.8 High
CVSS3
Связанные уязвимости
Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the user_change_language_authorized_cb function. This is reachable via the SetLanguage dbus function. This is fixed in versions 0.6.55-0ubuntu12~20.04.5, 0.6.55-0ubuntu13.3, 0.6.55-0ubuntu14.1.
Ubuntu-specific modifications to accountsservice (in patch file debian ...
Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the user_change_language_authorized_cb function. This is reachable via the SetLanguage dbus function. This is fixed in versions 0.6.55-0ubuntu12~20.04.5, 0.6.55-0ubuntu13.3, 0.6.55-0ubuntu14.1.
Уязвимость модификации AccountsService (debian/patches/0010-set-language.patch) операционной системы Ubuntu, позволяющая нарушителю повысить свои привилегии
EPSS
7.2 High
CVSS2
7.8 High
CVSS3