Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : ibus vulnerability (USN-4134-1)
High Nessus Plugin ID 128967
SynopsisThe remote Ubuntu host is missing a security-related patch.
DescriptionSimon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected ibus package.