Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Ubuntu 22.04 LTS USN-6687-1 Critical AccountsService Exposure

ubuntu
Calendar Grey March 11, 2024
Dist Ubuntu Esm H88
A newly identified flaw in AccountsService could potentially reveal private data on Ubuntu machines. Prompt update advised.
AccountsService could be made to expose sensitive information.

Summary

AccountsService could be made to expose sensitive information.

Software Description:

- accountsservice: query and manipulate user account information

Details:

It was discovered that AccountsService called a helper incorrectly when

performaing password change operations. A local attacker could possibly use

this issue to obtain encrypted passwords.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
   accountsservice                 22.07.5-2ubuntu1.5
   libaccountsservice0             22.07.5-2ubuntu1.5

Ubuntu 20.04 LTS:
   accountsservice                 0.6.55-0ubuntu12~20.04.7
   libaccountsservice0             0.6.55-0ubuntu12~20.04.7

After a standard system update you need to reboot your computer to make all
the necessary changes.

References

https://ubuntu.com/security/notices/USN-6687-1

CVE-2012-6655

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6687-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.