3 matches found
AZL-66686 CVE-2022-1804 affecting package accountsservice 0.6.55-4
accountsservice no longer drops permissions when writting .pamenvironment...
CVE-2021-3939
Ubuntu-specific modifications to accountsservice in patch file debian/patches/0010-set-language.patch caused the fallbacklocale variable, pointing to static storage, to be freed, in the userchangelanguageauthorizedcb function. This is reachable via the SetLanguage dbus function. This is fixed in...
UBUNTU-CVE-2020-16126
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion...