CVE-2021-3939HIGHCVSS 7.8≥ 0.6.55-0ubuntu12~20.04, < 0.6.55-0ubuntu12~20.04.5·≥ 0.6.55-0ubuntu13, < 0.6.55-0ubuntu13.3+1 more2021-11-17
CVE-2021-3939 [HIGH] CWE-590 CVE-2021-3939: Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.pat
Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the user_change_language_authorized_cb function. This is reachable via the SetLanguage dbus function. This is fixed in versions 0.6.55-0ubuntu12~20.04.5, 0.6.55-0ubuntu13
cvelistv5nvd