Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Location service uses cached authorization even after revocation
Vulnerability Description
In Ubuntu's trust-store, if a user revokes location access from an application, the location is still available to the application because the application will honour incorrect, cached permissions. This is because the cache was not ordered by creation time by the Select struct in src/core/trust/impl/sqlite3/store.cpp. Fixed in trust-store (Ubuntu) version 1.1.0+15.04.20150123-0ubuntu1 and trust-store (Ubuntu RTM) version 1.1.0+15.04.20150123~rtm-0ubuntu1.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Vulnerability Type
Permission Issues
Vulnerability Title
Ubuntu 授权问题漏洞
Vulnerability Description
Ubuntu是英国科能(Canonical)公司和Ubuntu公司的一套以桌面应用为主的GNU/Linux操作系统。 Ubuntu中的trust-store存在授权问题漏洞。攻击者可利用该漏洞访问被限制的位置。
CVSS Information
N/A
Vulnerability Type
N/A