Ubuntu 5382-2: libinput vulnerability | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Sign Up
==========================================================================
Ubuntu Security Notice USN-5382-2
May 02, 2022

libinput vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

libinput could be made to crash or expose sensitive information.

Software Description:
- libinput: Input device management and event handling library

Details:

USN-5382-1 fixed a vulnerability in libinput. This update provides the
corresponding updates for Ubuntu 22.04 LTS.

Original advisory details:

 Albin Eldstål-Ahrens and Lukas Lamster discovered libinput did not properly
 handle input devices with specially crafted names. A local attacker with
 physical access could use this to cause libinput to crash or expose
 sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
  libinput10                      1.20.0-1ubuntu0.1

After a standard system update you need to log out of all desktop sessions
and then log back in to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5382-2
  https://ubuntu.com/security/notices/USN-5382-1
  CVE-2022-1215

Package Information:
  https://launchpad.net/ubuntu/+source/libinput/1.20.0-1ubuntu0.1

Ubuntu 5382-2: libinput vulnerability

May 2, 2022
libinput could be made to crash or expose sensitive information.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS Summary: libinput could be made to crash or expose sensitive information. Software Description: - libinput: Input device management and event handling library Details: USN-5382-1 fixed a vulnerability in libinput. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: Albin Eldstål-Ahrens and Lukas Lamster discovered libinput did not properly handle input devices with specially crafted names. A local attacker with physical access could use this to cause libinput to crash or expose sensitive information.

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: libinput10 1.20.0-1ubuntu0.1 After a standard system update you need to log out of all desktop sessions and then log back in to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5382-2

https://ubuntu.com/security/notices/USN-5382-1

CVE-2022-1215

Severity
Ubuntu Security Notice USN-5382-2

Package Information

https://launchpad.net/ubuntu/+source/libinput/1.20.0-1ubuntu0.1

Related News

DISA Issues Security Technical Implementation Guide for TOSS 4 Operating System

News

Advisories

HOWTOs

Features

Linux Container Security Primer
Email Phishing Using Kali Linux
Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy