Fingerprint login can be changed without authentication

Bug #1797012 reported by Alex Jones
This bug affects 1 person
Affects              Status  Importance  Assigned to  Milestone
fprintd (Ubuntu)     New     Undecided   Unassigned
libfprint (Ubuntu)   New     Undecided   Unassigned
pam-fprint (Ubuntu)  New     Undecided   Unassigned
sudo (Ubuntu)        New     Undecided   Unassigned

Bug Description

In Ubuntu 18.04, a new fingerprint can be registered without authentication, allowing the bypass of any authentication mechanism that is configured to use the fingerprint reader, for example, sudo. The version number of libfprint on my system is 1:0.7.0-1.

no longer affects: ubuntu-docs (Ubuntu)
Seth Arnold (seth-arnold) wrote :

Hello Alex, could you please describe the steps necessary to recreate this issue?

Is there any chance you're in a position to test the forthcoming cosmic release?

Thanks

Alex Jones (blenheimears) wrote :

To enroll a new fingerprint, a malicious user would simply run fprintd-enroll or open the users applet in the Gnome configuration settings, and then enroll their own finger. It does not ask for authentication such as the user's password or an existing fingerprint. The malicious user can then sudo to root if sudo is configured to allow fingerprint authentication. This is not the default but it is very likely that users will enable this.

Seth Arnold (seth-arnold) wrote :

Hey Marco, this sounds a lot like 1532264 -- any ideas?

Thanks

Marco Trevisan (Treviño) (3v1n0) wrote :

Yes, this is something that we can prevent with a pk config, but upstream wasn't fine with that as a proper solution; it is something we can ship for Ubuntu in the meantime.
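The following is an added example of the kind of polkit ("pk") configuration Marco refers to; it is not part of the report, and not Ubuntu's or fprintd's shipped packaging. It assumes the polkit 0.105 local-authority format (the .pkla files Ubuntu 18.04's policykit-1 reads) and that fprintd exposes enrollment under the action ID net.reactivated.Fprint.Device.Enroll; confirm the ID on your system with pkaction before relying on it. The effect is that fprintd-enroll and the GNOME Settings Users panel prompt for administrator credentials before a new finger can be registered, instead of accepting any active local session.

```ini
# Constructed example, assumed path:
#   /etc/polkit-1/localauthority/50-local.d/10-fprintd-enroll.pkla
# Action ID is an assumption; list the real ones with:
#   pkaction | grep -i fprint
[Require admin authentication to enroll fingerprints]
Identity=unix-user:*
Action=net.reactivated.Fprint.Device.Enroll
ResultAny=auth_admin
ResultInactive=auth_admin
ResultActive=auth_admin
```

Check the result with `pkaction --action-id net.reactivated.Fprint.Device.Enroll --verbose` and then run `fprintd-enroll` as an ordinary user: it should now ask for an administrator's password rather than proceeding silently. Two caveats: this only gates future enrollments, so any finger enrolled before the rule was added still authenticates, and on newer polkit (0.106 and later) the same policy has to be written as a JavaScript .rules file under /etc/polkit-1/rules.d instead of a .pkla file.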

Marc Deslauriers (mdeslaur) wrote :

I am going to mark this as a dupe of bug 1532264 since it looks to be the same root cause. Thanks!

information type: Private Security → Public Security