Token Leak in Ubuntu Advantage Desktop Daemon Prior to Version 1.12

CVE-2024-6388

What is CVE-2024-6388?

A vulnerability exists in the Ubuntu Advantage Desktop Daemon, discovered by Marco Trevisan, which allows unprivileged users to access sensitive Pro tokens. This leak occurs due to the token being passed as an argument in plaintext, exposing it to potential interception and misuse. Urgent action is recommended to safeguard user credentials and maintain security integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References