Debian Accountsservice vulnerabilities

9 known vulnerabilities affecting debian/accountsservice.

Total CVEs: 9
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: LOW 9

Vulnerabilities

CVE-2023-3297 | LOW | CVSS 8.1 | 2023
[HIGH] accountsservice: In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process. Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
CVE-2022-1804 | LOW | CVSS 5.5 | 2022
[MEDIUM] accountsservice: accountsservice no longer drops permissions when writing .pam_environment. Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
CVE-2021-3939 | LOW | CVSS 7.8 | 2021
[HIGH] accountsservice: Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the user_change_language_authorized_cb function. This is reachable via the SetLanguage dbus function. This is fixed in versions 0.6.55-0ubuntu12~20.04.5, 0.6.55-0ubuntu13.3, 0.6
CVE-2020-16127 | LOW | CVSS 2.8 | 2020
[LOW] accountsservice: An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled ~/.pam_environment files, allowing an infinite loop if /dev/zero is symlinked to this location. Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixi
CVE-2020-16126 | LOW | CVSS 3.3 | 2020
[LOW] accountsservice: An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountsService, thus stopping it from handling D-Bus messages in a timely fashion. Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trix
CVE-2018-14036 | LOW | CVSS 6.5 | fixed in accountsservice 0.6.45-2 (bookworm) | 2018
[MEDIUM] accountsservice: Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c. Scope: local. bookworm: resolved (fixed in 0.6.45-2); bullseye: resolved (fixed in 0.6.45-2); forky: resolved (fixed in 0.6.45-2); sid: resolved (fixed in 0.6.45-2); trixie: resolved (fixed in 0
CVE-2012-6655 | LOW | CVSS 3.3 | fixed in accountsservice 22.08.8-4 (bookworm) | 2012
[LOW] accountsservice: An issue exists in AccountsService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local user obtain encrypted passwords. Scope: local. bookworm: resolved (fixed in 22.08.8-4); bullseye: open; forky: resolved (fixed in 22.08.8-4); sid: resolved (fixed in 22.08.8-4); trixie: resolved (fixed in 22.08.8-4)
CVE-2012-2737 | LOW | CVSS 1.9 | fixed in accountsservice 0.6.21-6 (bookworm) | 2012
[LOW] accountsservice: The user_change_icon_file_authorized_cb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via a race condition. Scope: local. bookworm: resolved (fixed in 0.6.21-6); bullseye: resolved (fixed in 0.6.21-6
CVE-2011-4406 | LOW | CVSS 3.6 | fixed in accountsservice 0.6.15-3 (bookworm) | 2011
[LOW] accountsservice: The Ubuntu AccountsService package before 0.6.14-1git1ubuntu1.1 does not properly drop privileges when changing language settings, which allows local users to modify arbitrary files via unspecified vectors. Scope: local. bookworm: resolved (fixed in 0.6.15-3); bullseye: resolved (fixed in 0.6.15-3); forky: resolved (fixed in 0.6.15-3); sid: resolved (fixed in 0.6.1