Vulnerability Database

310,222

Total vulnerabilities in the database

CVE-2023-3297

In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process.

Published: Sep 1, 2023
Updated: Nov 16, 2025
CVE: CVE-2023-3297
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.1
AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWEs:

CWE-416

Affected Software
References

Software	From	Fixed in
canonical / accountsservice	-	23.13.9-2ubuntu2
canonical / accountsservice	-	22.08.8-1ubuntu7.1
canonical / accountsservice	-	22.07.5-2ubuntu1.4
canonical / accountsservice	-	0.6.55-0ubuntu12\~20.04.6
canonical / ubuntu_linux	20.04	20.04.x
canonical / ubuntu_linux	22.04	22.04.x
canonical / ubuntu_linux	22.10	22.10.x
canonical / ubuntu_linux	23.04	23.04.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo