CVE-2020-16123

Source: ubuntu.com (UB:CVE-2020-16123)
Date: Nov 23, 2020
Tags: ubuntu specific, pulseaudio, race condition, snap policy module, scm_credentials, vulnerability, patch, sensitive information, bug

CVSS2: 2.1
Attack Vector: LOCAL
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3: 4.7
Attack Vector: LOCAL
Attack Complexity: HIGH
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS: 0.001
Percentile: 18.0%

An Ubuntu-specific patch in PulseAudio created a race condition where the
snap policy module would fail to identify a client connection from a snap
as coming from a snap if SCM_CREDENTIALS were missing, allowing the snap to
connect to PulseAudio without proper confinement. This could be exploited
by an attacker to expose sensitive information. Fixed in
1:13.99.3-1ubuntu2, 1:13.99.2-1ubuntu2.1, 1:13.99.1-1ubuntu3.8,
1:11.1-1ubuntu7.11, and 1:8.0-0ubuntu3.15.

Bugs

OS      OS version  Architecture  Package     Package version         Filename
ubuntu  18.04       noarch        pulseaudio  < 1:11.1-1ubuntu7.11    UNKNOWN
ubuntu  20.04       noarch        pulseaudio  < 1:13.99.1-1ubuntu3.8  UNKNOWN
ubuntu  20.10       noarch        pulseaudio  < 1:13.99.2-1ubuntu2.1  UNKNOWN
ubuntu  16.04       noarch        pulseaudio  < 1:8.0-0ubuntu3.15     UNKNOWN
