{"id":"USN-6554-1","summary":"gnome-control-center vulnerability","details":"Zygmunt Krynicki discovered that GNOME Settings did not accurately reflect\nthe SSH remote login status when the system was configured to use systemd\nsocket activation for OpenSSH. Remote SSH access may be unknowingly\nenabled, contrary to expectation.\n","modified":"2026-04-27T16:43:56.383849Z","published":"2023-12-13T02:21:14Z","related":["UBUNTU-CVE-2023-5616"],"upstream":["CVE-2023-5616","UBUNTU-CVE-2023-5616"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6554-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-5616"}],"affected":[{"package":{"name":"gnome-control-center","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/gnome-control-center@1:3.36.5-0ubuntu4.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.36.5-0ubuntu4.1"}]}],"versions":["1:3.34.1-1ubuntu2","1:3.34.1-1ubuntu3","1:3.35.90-0ubuntu1","1:3.35.91-0ubuntu1","1:3.35.91-0ubuntu2","1:3.35.91-0ubuntu3","1:3.35.92-1ubuntu1","1:3.36.0-0ubuntu2","1:3.36.0-0ubuntu3","1:3.36.1-1ubuntu1","1:3.36.1-1ubuntu2","1:3.36.1-1ubuntu3","1:3.36.1-1ubuntu4","1:3.36.1-1ubuntu5","1:3.36.2-0ubuntu1","1:3.36.3-0ubuntu1","1:3.36.4-0ubuntu1","1:3.36.4-0ubuntu2","1:3.36.5-0ubuntu1","1:3.36.5-0ubuntu2","1:3.36.5-0ubuntu3","1:3.36.5-0ubuntu4"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"1:3.36.5-0ubuntu4.1","binary_name":"gnome-control-center"},{"binary_version":"1:3.36.5-0ubuntu4.1","binary_name":"gnome-control-center-data"},{"binary_version":"1:3.36.5-0ubuntu4.1","binary_name":"gnome-control-center-faces"}]},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2023-5616","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:20.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6554-1.json"}},{"package":{"name":"gnome-control-center","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/gnome-control-center@1:41.7-0ubuntu0.22.04.8?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:41.7-0ubuntu0.22.04.8"}]}],"versions":["1:40.0-1ubuntu5","1:41.1-1ubuntu1","1:41.1-1ubuntu2","1:41.1-1ubuntu3","1:41.2-2ubuntu1","1:41.4-1ubuntu2","1:41.4-1ubuntu3","1:41.4-1ubuntu3.1","1:41.4-1ubuntu6","1:41.4-1ubuntu8","1:41.4-1ubuntu9","1:41.4-1ubuntu10","1:41.4-1ubuntu11","1:41.4-1ubuntu12","1:41.4-1ubuntu13","1:41.4-1ubuntu13.2","1:41.7-0ubuntu0.22.04.1","1:41.7-0ubuntu0.22.04.4","1:41.7-0ubuntu0.22.04.5","1:41.7-0ubuntu0.22.04.6","1:41.7-0ubuntu0.22.04.7"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"1:41.7-0ubuntu0.22.04.8","binary_name":"gnome-control-center"},{"binary_version":"1:41.7-0ubuntu0.22.04.8","binary_name":"gnome-control-center-data"},{"binary_version":"1:41.7-0ubuntu0.22.04.8","binary_name":"gnome-control-center-faces"}]},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2023-5616","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:22.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6554-1.json"}}],"schema_version":"1.7.5"}