Mitigating Plasma Workspace Vulnerability on Ubuntu Systems for Enhanced Security
Summary
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 23.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: plasma-workspace would allow unintended access to the session manager. Software Description: - plasma-workspace: Plasma Workspace for KF5 Details: Fabian Vogt discovered that Plasma Workspace incorrectly handled connections via ICE. A local attacker could possibly use this issue to gain access to another user's session manager and execute arbitrary code.
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS plasma-workspace 4:5.27.11-0ubuntu4.1 Ubuntu 23.10 plasma-workspace 4:5.27.8-0ubuntu1.1 Ubuntu 22.04 LTS plasma-workspace 4:5.24.7-0ubuntu0.2 Ubuntu 20.04 LTS plasma-workspace 4:5.18.8-0ubuntu0.2 After a standard system update you need to reboot your computer to make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-6843-1
CVE-2024-36041
Package Information
https://launchpad.net/ubuntu/+source/plasma-workspace/4:5.27.11-0ubuntu4.1 https://launchpad.net/ubuntu/+source/plasma-workspace/4:5.27.8-0ubuntu1.1 https://launchpad.net/ubuntu/+source/plasma-workspace/4:5.24.7-0ubuntu0.2 https://launchpad.net/ubuntu/+source/plasma-workspace/4:5.18.8-0ubuntu0.2