Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

All statuses

Filter by:

With package: accountsservice

Found 1 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2022-1804

5.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 1 year ago

Accountsservice incorrectly drops privileges

accountsservice no longer drops permissions when writting .pam_environment

References

https://bugs.launchpad.net/ubuntu/+source/accountsservice/+bug/1974250 issue-tracking
https://ubuntu.com/security/notices/USN-5439-1 release-notes

Affected products

accountsservice

<22.07.5-2ubuntu1.3

Matching in nixpkgs

pkgs.accountsservice

D-Bus interface for user account query and manipulation

nixos-unstable 23.13.9
- nixpkgs-unstable 23.13.9
- nixos-unstable-small 23.13.9

Package maintainers

@pSub Pascal Wittmann <mail@pascal-wittmann.de>
@jtojnar Jan Tojnar <jtojnar@gmail.com>

1