CVE-2019-14822: High severity IBM Security Guardium vulnerability

Published Jun 6, 2019
·
Updated

A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user.

Other sources

IBus could allow a local authenticated attacker to bypass security restrictions, caused by improper authorization validation. By sending a specially-crafted request, an attacker could exploit this vulnerability to monitor and send method calls to the ibus bus of another user.

IBM

ibus uses a GDBusServer with GDBUSSERVERFLAGSAUTHENTICATIONALLOWANONYMOUS, and doesn't set a GDBusAuthObserver, which allows anyone who can connect to its AFUNIX socket to authenticate and be authorized to send method calls. It also seems to use an abstract AFUNIX socket, which does not have filesystem permissions, so the practical effect might be that a local attacker can connect to another user's ibus service and make arbitrary method calls.

Red Hat

Affected Software

15 affected componentsFixes available
redhat/ibus<1.5.22
1.5.22
IBM Security Guardium<=10.5
IBM Security Guardium<=10.6
IBM Security Guardium<=11.0
IBM Security Guardium<=11.1
IBM Security Guardium<=11.2
IBM Security Guardium<=11.3
Ibus Project Ibus<1.5.22
redhat Enterprise Linux=7.0
redhat Enterprise Linux=8.0
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
Oracle ZFS Storage Appliance Kit=8.8
debian/ibus
1.5.23-21.5.27-51.5.32-21.5.34~beta1-1

Remediation

Patch Available

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14822

Patch Available

https://www.oracle.com/security-alerts/cpuapr2022.html

Event History

Nov 25, 2019
CVE Published
via MITRE·11:01 AM
Data Sourced
via MITRE·11:01 AM
DescriptionWeakness
Data Sourced
via NVD·12:15 PM
RemedyDescriptionSeverityWeaknessAffected Software
Jan 11, 2024
Data Sourced
via Launchpad·11:19 PM
Description
Feb 20, 2026
Data Sourced
via Ubuntu·11:24 PM
RemedyDescriptionSeverityAffected Software
Data Sourced
via Debian·11:25 PM
DescriptionAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is CVE-2019-14822?

CVE-2019-14822 is a vulnerability in the ibus package that allows unprivileged users to monitor and intercept keystrokes of another user due to a misconfiguration in the DBus server setup.

2

How severe is CVE-2019-14822?

CVE-2019-14822 has a severity score of 7.1, which is considered high.

3

Which software versions are affected by CVE-2019-14822?

The affected software versions include ibus before 1.5.22, 1.5.17-3ubuntu5.3, 1.5.21-1~, 1.5.11-1ubuntu2.4, 1.5.19-4+deb10u1, 1.5.23-2, 1.5.27-5, and 1.5.29~rc1-1.

4

How can I fix CVE-2019-14822?

To fix CVE-2019-14822, upgrade to ibus version 1.5.22 or apply the specific remedy provided by your operating system.

5

Where can I find more information about CVE-2019-14822?

You can find more information about CVE-2019-14822 in the references: [1] [2].

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203