An attacker could send crafted input to applications using DBus-GLib and possibly escalate privileges.
Sebastian Krahmer and Bastien Nocera discovered that DBus-GLib did not properly validate the message sender when the “NameOwnerChanged” signal was received. A local attacker could possibly use this issue to escalate their privileges.
27 February 2013
A security issue affects these releases of Ubuntu and its derivatives:
An attacker could send crafted input to applications using DBus-GLib and possibly escalate privileges.
Sebastian Krahmer and Bastien Nocera discovered that DBus-GLib did not properly validate the message sender when the “NameOwnerChanged” signal was received. A local attacker could possibly use this issue to escalate their privileges.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to reboot your computer to make all the necessary changes.