Alerts This Week
Warning Icon 1 687
Alerts This Week
Warning Icon 1 687

Ubuntu 21.10/20.04 LTS USN-5382-1 Severe: Libinput Crash Issue

Calendar Apr 21, 2022 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory update instructions sensitive information crash issue ubuntu 20.04 libinput ubuntu 21.10
libinput could be made to crash or expose sensitive information. 
=========================================================================Ubuntu Security Notice USN-5382-1
April 20, 2022

libinput vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

libinput could be made to crash or expose sensitive information.

Software Description:
- libinput: Input device management and event handling library

Details:

Albin Eldstål-Ahrens and Lukas Lamster discovered libinput did not properly
handle input devices with specially crafted names. A local attacker with
physical access could use this to cause libinput to crash or expose
sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.10:
  libinput10                      1.18.1-1ubuntu0.1

Ubuntu 20.04 LTS:
  libinput10                      1.15.5-1ubuntu0.3

Ubuntu 18.04 LTS:
  libinput10                      1.10.4-1ubuntu0.18.04.3

After a standard system update you need to log out of all desktop sessions
and then log back in to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5382-1
  CVE-2022-1215

Package Information:
  https://launchpad.net/ubuntu/+source/libinput/1.18.1-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/libinput/1.15.5-1ubuntu0.3
  https://launchpad.net/ubuntu/+source/libinput/1.10.4-1ubuntu0.18.04.3

Ubuntu 21.10/20.04 LTS USN-5382-1 Severe: Libinput Crash Issue

ubuntu
Calendar Grey April 21, 2022
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-5383-1 covers a vulnerability in libarchive that could result in system instability or unauthorized information leakage.
libinput could be made to crash or expose sensitive information.

Summary

Topics%20covered

Topics Covered

security advisory update instructions sensitive information crash issue ubuntu 20.04 libinput ubuntu 21.10

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 21.10: libinput10 1.18.1-1ubuntu0.1 Ubuntu 20.04 LTS: libinput10 1.15.5-1ubuntu0.3 Ubuntu 18.04 LTS: libinput10 1.10.4-1ubuntu0.18.04.3 After a standard system update you need to log out of all desktop sessions and then log back in to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5382-1

CVE-2022-1215

Severity
important
Lowest
Low
Medium
High
Critical

April 20, 2022

Topics%20covered

Topics Covered

security advisory update instructions sensitive information crash issue ubuntu 20.04 libinput ubuntu 21.10

Package Information

https://launchpad.net/ubuntu/+source/libinput/1.18.1-1ubuntu0.1 https://launchpad.net/ubuntu/+source/libinput/1.15.5-1ubuntu0.3 https://launchpad.net/ubuntu/+source/libinput/1.10.4-1ubuntu0.18.04.3

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here