Launchpad.net

CVE 2022-23220

USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu, Debian, and Gentoo.

Related bugs and status

CVE-2022-23220 (Candidate) is related to these bugs:

Bug #1327062: usbview doesn't start with sudo privileges and therefore doesnt work

Summary				In	Importance	Status
	1327062	usbview doesn't start with sudo privileges and therefore doesnt work		usbview (Ubuntu)	Undecided	Fix Released

Bug #1713311: Unable to launch applications which use su-to-root from menu package as root on Wayland session

		In	Importance	Status
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	nmap (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	bleachbit (Ubuntu)	Undecided	Fix Released
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	menu (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	gui-apt-key (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	gkdebconf (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	luckybackup (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	usbview (Ubuntu)	Undecided	Fix Released
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	gadmin-openvpn-client (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	gtkorphan (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	kvpnc (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	gadmin-rsync (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	gsmartcontrol (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	lshw (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	prey (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	gadmin-proftpd (Ubuntu)	Medium	Confirmed
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	gadmin-openvpn-server (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	sbackup (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	wifi-radar (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	guymager (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	ndisgtk (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	debian-installer-launcher (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	gadmin-bind (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	keytouch-editor (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	kontrolpack (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	hannah-foo2zjs (Ubuntu)	Undecided	Fix Released
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	caja-extensions (Ubuntu)	Undecided	Won't Fix
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	edubuntu-netboot (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	ddccontrol (Ubuntu)	Undecided	In Progress
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	spacefm (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	gadmin-samba (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	i7z (Ubuntu)	Undecided	New
1713311	Unable to launch applications which use su-to-root from menu package as root on Wayland session	GParted	Undecided	New

Bug #1789362: usbview.desktop requires su-to-root but usbview doesn't pull package menu as dependency

Summary				In	Importance	Status
	1789362	usbview.desktop requires su-to-root but usbview doesn't pull package menu as dependency		usbview (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2022-23220

Related bugs and status

Related bugs

References