CVE-2024-6388
https://notcve.org/view.php?id=CVE-2024-6388
Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks the Pro token to unprivileged users by passing the token as an argument in plaintext. • https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2068944 https://github.com/canonical/ubuntu-advantage-desktop-daemon/pull/24 https://www.cve.org/CVERecord?id=CVE-2024-6388 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVE-2022-4968
https://notcve.org/view.php?id=CVE-2022-4968
netplan leaks the private key of wireguard to local users. Versions after 1.0 are not affected. netplan filtra la clave privada de wireguard a los usuarios locales. Pronto se publicará una solución de seguridad. • https://bugs.launchpad.net/netplan/+bug/1987842 https://bugs.launchpad.net/ubuntu/+source/netplan.io/+bug/2065738 https://github.com/canonical/netplan/commit/4c39b75b5c6ae7d976bda6da68da60d9a7f085ee https://www.cve.org/CVERecord?id=CVE-2022-4968 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVE-2022-0555
https://notcve.org/view.php?id=CVE-2022-0555
Subiquity Shows Guided Storage Passphrase in Plaintext with Read-all Permissions Subiquity muestra una frase de contraseña de almacenamiento guiada en texto plano con permisos de lectura total • https://bugs.launchpad.net/subiquity/+bug/1960162 https://github.com/canonical/subiquity/pull/1181 https://github.com/canonical/subiquity/pull/1182 https://www.cve.org/CVERecord?id=CVE-2022-0555 • CWE-256: Plaintext Storage of a Password •
CVE-2024-3250
https://notcve.org/view.php?id=CVE-2024-3250
It was discovered that Canonical's Pebble service manager read-file API and the associated pebble pull command, before v1.10.2, allowed unprivileged local users to read files with root-equivalent permissions when Pebble was running as root. Fixes are also available as backports to v1.1.1, v1.4.2, and v1.7.4. Se descubrió que la API de lectura de archivos del administrador de servicios Pebble de Canonical y el comando pebble pull asociado, antes de v1.10.2, permitían a los usuarios locales sin privilegios leer archivos con permisos equivalentes a root cuando Pebble se ejecutaba como root. Las correcciones también están disponibles como backports para v1.1.1, v1.4.2 y v1.7.4. • https://github.com/canonical/pebble/security/advisories/GHSA-4685-2x5r-65pj https://www.cve.org/CVERecord?id=CVE-2024-3250 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2023-49721
https://notcve.org/view.php?id=CVE-2023-49721
An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot. Un valor predeterminado inseguro para permitir UEFI Shell en EDK2 se dejó habilitado en LXD. Esto permite que un atacante residente en el sistema operativo omita el arranque seguro. • https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137 https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139 https://nvd.nist.gov/vuln/detail/CVE-2023-48733 https://www.openwall.com/lists/oss-security/2024/02/14/4 • CWE-276: Incorrect Default Permissions •