Lucene search

PRIOn knowledge basePRION:CVE-2020-16126

HistoryNov 11, 2020 - 4:15 a.m.

Design/Logic Flaw

2020-11-1104:15:00

PRIOn knowledge base

www.prio-n.com

4.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.8%

JSON

An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion.

CPENameOperatorVersion
accountsservicelt0.6.55

CPE	Name	Operator	Version
	accountsservice	lt	0.6.55

References

securitylab.github.com/advisories/GHSL-2020-187-accountsservice-drop-privs-DOS