USN-3217-1: network-manager-applet vulnerability

Publication date

7 March 2017

Overview

The system could be made to expose sensitive information.


Packages

Details

Frederic Bardy and Quentin Biguenet discovered that network-manager-applet incorrectly checked
permissions when connecting to certain wireless networks. A local attacker
could use this issue at the login screen to access local files.

Frederic Bardy and Quentin Biguenet discovered that network-manager-applet incorrectly checked
permissions when connecting to certain wireless networks. A local attacker
could use this issue at the login screen to access local files.

Update instructions

After a standard system update you need to reboot your computer to make all the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
16.10 yakkety network-manager-gnome –  1.2.6-0ubuntu1.1
16.04 xenial network-manager-gnome –  1.2.6-0ubuntu0.16.04.2
14.04 trusty network-manager-gnome –  0.9.8.8-0ubuntu4.5
12.04 precise network-manager-gnome –  0.9.4.1-0ubuntu2.6

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.


Have additional questions?

Talk to a member of the team ›