Vulnerability Details CVE-2019-25058
An issue was discovered in USBGuard before 1.1.0. On systems with the usbguard-dbus daemon running, an unprivileged user could make USBGuard allow all USB devices to be connected in the future.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.1%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.4
References
- https://github.com/USBGuard/usbguard/issues/273
- https://github.com/USBGuard/usbguard/issues/403
- https://github.com/USBGuard/usbguard/pull/531
- https://lists.debian.org/debian-lts-announce/2022/04/msg00010.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B2ET6DU4IA64M6TMQ4X3SG2L6TRPLDN6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3HQVTHHJFQLSWSXA7W3ZHRF72YMPI46/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4QO5J5YEWVX27QXYOGL3BDRV3KXNRQI/
- https://github.com/USBGuard/usbguard/issues/273
- https://github.com/USBGuard/usbguard/issues/403
- https://github.com/USBGuard/usbguard/pull/531
- https://lists.debian.org/debian-lts-announce/2022/04/msg00010.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B2ET6DU4IA64M6TMQ4X3SG2L6TRPLDN6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3HQVTHHJFQLSWSXA7W3ZHRF72YMPI46/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4QO5J5YEWVX27QXYOGL3BDRV3KXNRQI/
Products affected by CVE-2019-25058
-
cpe:2.3:a:usbguard_project:usbguard:0.2
-
cpe:2.3:a:usbguard_project:usbguard:0.3
-
cpe:2.3:a:usbguard_project:usbguard:0.4
-
cpe:2.3:a:usbguard_project:usbguard:0.5.10
-
cpe:2.3:a:usbguard_project:usbguard:0.5.11
-
cpe:2.3:a:usbguard_project:usbguard:0.5.12
-
cpe:2.3:a:usbguard_project:usbguard:0.5.13
-
cpe:2.3:a:usbguard_project:usbguard:0.5.14
-
cpe:2.3:a:usbguard_project:usbguard:0.6.0
-
cpe:2.3:a:usbguard_project:usbguard:0.6.1
-
cpe:2.3:a:usbguard_project:usbguard:0.6.2
-
cpe:2.3:a:usbguard_project:usbguard:0.7.0
-
cpe:2.3:a:usbguard_project:usbguard:0.7.1
-
cpe:2.3:a:usbguard_project:usbguard:0.7.2
-
cpe:2.3:a:usbguard_project:usbguard:0.7.3
-
cpe:2.3:a:usbguard_project:usbguard:0.7.4
-
cpe:2.3:a:usbguard_project:usbguard:0.7.5
-
cpe:2.3:a:usbguard_project:usbguard:0.7.6
-
cpe:2.3:a:usbguard_project:usbguard:0.7.7
-
cpe:2.3:a:usbguard_project:usbguard:0.7.8
-
cpe:2.3:a:usbguard_project:usbguard:1.0.0
-
cpe:2.3:o:debian:debian_linux:9.0
-
cpe:2.3:o:fedoraproject:fedora:34
-
cpe:2.3:o:fedoraproject:fedora:35
-
cpe:2.3:o:fedoraproject:fedora:36