Free of static data in accountsservice
CVE-2021-3939

7.8HIGH

Key Information:

Vendor: Ubuntu
Status: Accountsservice
Vendor: CVE Published:; 17 November 2021

What is CVE-2021-3939?

Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the user_change_language_authorized_cb function. This is reachable via the SetLanguage dbus function. This is fixed in versions 0.6.55-0ubuntu12~20.04.5, 0.6.55-0ubuntu13.3, 0.6.55-0ubuntu14.1.

Affected Version(s)

accountsservice 0.6.55-0ubuntu12~20.04 < 0.6.55-0ubuntu12~20.04.5

accountsservice 0.6.55-0ubuntu13 < 0.6.55-0ubuntu13.3

accountsservice 0.6.55-0ubuntu14 < 0.6.55-0ubuntu14.1

References

https://ubuntu.com/security/notices/USN-5149-1

https://bugs.launchpad.net/ubuntu/+source/accountsservice...

http://packetstormsecurity.com/files/172848/Ubuntu-accoun...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 17, 2021
Vulnerability Reserved
Nov 9, 2021

Credit

Kevin Backhouse