First published: Mon Sep 25 2023(Updated: )
USN-6190-1 fixed a vulnerability in AccountsService. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Kevin Backhouse discovered that AccountsService incorrectly handled certain D-Bus messages. A local attacker could use this issue to cause AccountsService to crash, resulting in a denial of service, or possibly execute arbitrary code.
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/accountsservice | <0.6.45-1ubuntu1.3+esm1 | 0.6.45-1ubuntu1.3+esm1 |
=18.04 | ||
All of | ||
ubuntu/libaccountsservice0 | <0.6.45-1ubuntu1.3+esm1 | 0.6.45-1ubuntu1.3+esm1 |
=18.04 | ||
All of | ||
ubuntu/accountsservice | <0.6.40-2ubuntu11.6+esm1 | 0.6.40-2ubuntu11.6+esm1 |
=16.04 | ||
All of | ||
ubuntu/libaccountsservice0 | <0.6.40-2ubuntu11.6+esm1 | 0.6.40-2ubuntu11.6+esm1 |
=16.04 | ||
All of | ||
ubuntu/accountsservice | <0.6.35-0ubuntu7.3+esm3 | 0.6.35-0ubuntu7.3+esm3 |
=14.04 | ||
All of | ||
ubuntu/libaccountsservice0 | <0.6.35-0ubuntu7.3+esm3 | 0.6.35-0ubuntu7.3+esm3 |
=14.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this AccountsService vulnerability is USN-6190-2.
The software affected by this vulnerability is accountsservice and libaccountsservice0.
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS are affected by this vulnerability.
The remedy for this vulnerability is to update to version 0.6.45-1ubuntu1.3+esm1 for Ubuntu 18.04 LTS, version 0.6.40-2ubuntu11.6+esm1 for Ubuntu 16.04 LTS, and version 0.6.35-0ubuntu7.3+esm3 for Ubuntu 14.04 LTS.
You can find more information about this vulnerability on the Ubuntu Security website: [Ubuntu Security Notices - USN-6190-2](https://ubuntu.com/security/notices/USN-6190-2).