Headline
CVE-2023-49343: Potential manipulation of GUI displayed for budgie-extras budgie-dropby applet
Temporary data passed between application components by Budgie Extras Dropby applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel.
Impact
Data used by the dropby applet is stored in a host system location that is accessible to any user who has local access to the system.
The data file format is easily guessable; this potentially allows a local attacker to pre-create this file and control whether to display or close the dropby window. This can confuse the end-user.
A denial-of-service will also be possible e.g. by placing a FIFO there. Since the applet runs in the same thread for the budgie panel, by crashing the applet this can crash the entire panel.
Patches
The fix has been resolved in a patch release v1.7.1
Workarounds
This issue can be mitigated if there is only one user account on the system and limiting physical access to other users to the host system.
References
None.
Related news
Ubuntu Security Notice 6556-1 - It was discovered that Budgie Extras incorrectly handled certain temporary file paths. An attacker could possibly use this issue to inject false information or deny access to the application. Matthias Gerstner discovered that Budgie Extras incorrectly handled certain temporary file paths. A local attacker could use this to inject arbitrary PNG data in this path and have it displayed on the victim's desktop or deny access to the application.
Temporary data passed between application components by Budgie Extras Windows Previews could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may read private information from windows, present false information to users, or deny access to the application.