vulnerability
Oracle Linux: CVE-2019-25058: ELSA-2023-0303: usbguard security update (MODERATE) (Multiple Advisories)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | Feb 24, 2022 | Jan 13, 2023 | Dec 5, 2024 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
Feb 24, 2022
Added
Jan 13, 2023
Modified
Dec 5, 2024
Description
An issue was discovered in USBGuard before 1.1.0. On systems with the usbguard-dbus daemon running, an unprivileged user could make USBGuard allow all USB devices to be connected in the future.
A flaw was found in usbguard. The vulnerability occurs due to the No default access control list(ACL) on some D-Bus methods and leads to unauthorized access. This flaw allows an attacker to access and escape policy configuration.
A flaw was found in usbguard. The vulnerability occurs due to the No default access control list(ACL) on some D-Bus methods and leads to unauthorized access. This flaw allows an attacker to access and escape policy configuration.
Solution(s)
oracle-linux-upgrade-usbguardoracle-linux-upgrade-usbguard-dbusoracle-linux-upgrade-usbguard-notifieroracle-linux-upgrade-usbguard-selinuxoracle-linux-upgrade-usbguard-tools

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.