Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 503
Alerts This Week
Warning Icon 1 503

Ubuntu 23.04 USN-6190-1: Moderate AccountsService Denial of Service

ubuntu
Calendar Grey June 28, 2023
Dist Ubuntu Esm H88
A flaw in the AccountsService on Ubuntu can lead to system crashes or the execution of arbitrary code by sending specially crafted messages.
AccountsService could be made to crash or run programs if it received specially crafted messages.

Summary

AccountsService could be made to crash or run programs if it received

specially crafted messages.

Software Description:

- accountsservice: query and manipulate user account information

Details:

Kevin Backhouse discovered that AccountsService incorrectly handled certain

D-Bus messages. A local attacker could use this issue to cause

AccountsService to crash, resulting in a denial of service, or possibly

execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.04:
   accountsservice                 22.08.8-1ubuntu7.1
   libaccountsservice0             22.08.8-1ubuntu7.1

Ubuntu 22.10:
   accountsservice                 22.08.8-1ubuntu1.1
   libaccountsservice0             22.08.8-1ubuntu1.1

Ubuntu 22.04 LTS:
   accountsservice                 22.07.5-2ubuntu1.4
   libaccountsservice0             22.07.5-2ubuntu1.4

Ubuntu 20.04 LTS:
   accountsservice                 0.6.55-0ubuntu12~20.04.6
   libaccountsservice0             0.6.55-0ubuntu12~20.04.6

After a standard system update you need to reboot your computer to make all
the necessary changes.

References

https://ubuntu.com/security/notices/USN-6190-1

CVE-2023-3297

June 28, 2023

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.