Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-49343: Potential manipulation of GUI displayed for budgie-extras budgie-dropby applet

Temporary data passed between application components by Budgie Extras Dropby applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel.

CVE
#apple#dos

Impact

Data used by the dropby applet is stored in a host system location that is accessible to any user who has local access to the system.

The data file format is easily guessable; this potentially allows a local attacker to pre-create this file and control whether to display or close the dropby window. This can confuse the end-user.

A denial-of-service will also be possible e.g. by placing a FIFO there. Since the applet runs in the same thread for the budgie panel, by crashing the applet this can crash the entire panel.

Patches

The fix has been resolved in a patch release v1.7.1

Workarounds

This issue can be mitigated if there is only one user account on the system and limiting physical access to other users to the host system.

References

None.

Related news

Ubuntu Security Notice USN-6556-1

Ubuntu Security Notice 6556-1 - It was discovered that Budgie Extras incorrectly handled certain temporary file paths. An attacker could possibly use this issue to inject false information or deny access to the application. Matthias Gerstner discovered that Budgie Extras incorrectly handled certain temporary file paths. A local attacker could use this to inject arbitrary PNG data in this path and have it displayed on the victim's desktop or deny access to the application.

CVE-2023-49347: USN-6556-1: Budgie Extras vulnerabilities | Ubuntu security notices | Ubuntu

Temporary data passed between application components by Budgie Extras Windows Previews could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may read private information from windows, present false information to users, or deny access to the application.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907