USN-5382-1: libinput vulnerability
20 April 2022
libinput could be made to crash or expose sensitive information.
- libinput - Input device management and event handling library
Albin Eldstål-Ahrens and Lukas Lamster discovered libinput did not properly
handle input devices with specially crafted names. A local attacker with
physical access could use this to cause libinput to crash or expose
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to log out of all desktop sessions
and then log back in to make all the necessary changes.
- USN-5382-2: libinput, libinput-dev, libinput-bin, libinput-tools, libinput10