Ubuntu 2741-1: Unity Settings Daemon vulnerability

    Date16 Sep 2015
    CategoryUbuntu
    50
    Posted ByLinuxSecurity Advisories
    Unity Settings Daemon would allow mounting removable media while the screen is locked.
    ==========================================================================
    Ubuntu Security Notice USN-2741-1
    September 16, 2015
    
    unity-settings-daemon vulnerability
    ==========================================================================
    
    A security issue affects these releases of Ubuntu and its derivatives:
    
    - Ubuntu 15.04
    - Ubuntu 14.04 LTS
    
    Summary:
    
    Unity Settings Daemon would allow mounting removable media while the screen
    is locked.
    
    Software Description:
    - unity-settings-daemon: daemon handling the Unity session settings
    
    Details:
    
    It was discovered that the Unity Settings Daemon incorrectly allowed
    removable media to be mounted when the screen is locked. If a vulnerability
    were discovered in some other desktop component, such as an image library,
    a local attacker could possibly use this issue to gain access to the
    session.
    
    Update instructions:
    
    The problem can be corrected by updating your system to the following
    package versions:
    
    Ubuntu 15.04:
      unity-settings-daemon           15.04.1+15.04.20150408-0ubuntu1.2
    
    Ubuntu 14.04 LTS:
      unity-settings-daemon           14.04.0+14.04.20150825-0ubuntu2
    
    After a standard system update you need to restart your session to make
    all the necessary changes.
    
    References:
      http://www.ubuntu.com/usn/usn-2741-1
      CVE-2015-1319
    
    Package Information:
    
    https://launchpad.net/ubuntu/+source/unity-settings-daemon/15.04.1+15.04.20150408-0ubuntu1.2
    
    https://launchpad.net/ubuntu/+source/unity-settings-daemon/14.04.0+14.04.20150825-0ubuntu2
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"22","type":"x","order":"1","pct":55,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":12.5,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"13","type":"x","order":"3","pct":32.5,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.