CVE-2019-25058

An issue was discovered in USBGuard before 1.1.0. On systems with the usbguard-dbus daemon running, an unprivileged user could make USBGuard allow all USB devices to be connected in the future.

References

Affected packages

Git / github.com/usbguard/usbguard

Affected ranges

Type

GIT

Repo

https://github.com/usbguard/usbguard

Events

Introduced

Fixed

8605c1071f46f83bbbf5461e6e5c4f477e9bdc1a

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.1.0"
        }
    ]
}

Affected versions

usbguard-0.*

usbguard-0.5-6

usbguard-0.5-7

usbguard-0.5-8

usbguard-0.5-9

usbguard-0.5.10

usbguard-0.5.11

usbguard-0.5.12

usbguard-0.5.13

usbguard-0.5.14

usbguard-0.6.0

usbguard-0.6.1

usbguard-0.6.2

usbguard-0.7.0

usbguard-0.7.1

usbguard-0.7.2

usbguard-0.7.3

usbguard-0.7.4

usbguard-0.7.5

usbguard-0.7.6

usbguard-0.7.7

usbguard-0.7.8

usbguard-1.*

usbguard-1.0.0

v0.*

v0.1

v0.2

v0.3

v0.3p1

v0.3p2

v0.3p3

v0.4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-25058.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "34"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "35"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "36"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.0"
            }
        ]
    }
]