Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Free of static data in accountsservice
Vulnerability Description
Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the user_change_language_authorized_cb function. This is reachable via the SetLanguage dbus function. This is fixed in versions 0.6.55-0ubuntu12~20.04.5, 0.6.55-0ubuntu13.3, 0.6.55-0ubuntu14.1.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
释放并不在堆上的内存
Vulnerability Title
Canonical Ubuntu 安全漏洞
Vulnerability Description
Canonical Ubuntu是英国科能(Canonical)公司的一套以桌面应用为主的GNU/Linux操作系统。 Canonical Ubuntu 存在安全漏洞,该漏洞源于 Ubuntu 对accountsservice 的特定修改导致在user_change_language_authorized_cb 函数中指向静态存储的fallback_locale 变量被释放。
CVSS Information
N/A
Vulnerability Type
N/A