USN-6687-1: AccountsService vulnerability
11 March 2024
AccountsService could be made to expose sensitive information.
Releases
Packages
- accountsservice - query and manipulate user account information
Details
It was discovered that AccountsService called a helper incorrectly when
performing password change operations. A local attacker could possibly use
this issue to obtain encrypted passwords.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04
Ubuntu 20.04
After a standard system update you need to reboot your computer to make all
the necessary changes.