Main Vulnerability Database SB2023121314

SB2023121314 - Ubuntu update for gnome-control-center

Published: December 13, 2023

Security Bulletin ID SB2023121314

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Insufficient UI Warning of Dangerous Operations (CVE-ID: CVE-2023-5616)

The vulnerability allows a remote attacker to bypass expected security restrictions.

The vulnerability exists due to an error in GNOME Settings that did not accurately reflect the SSH remote login status when the system was configured to use systemd socket activation for OpenSSH. This could unknowingly leave the local machine exposed to remote SSH access contrary to expectation of the user.

Remediation

Install update from vendor's website.

References

https://ubuntu.com/security/notices/USN-6554-1