diff -pruN 2.0-21-g6fe2f4f-2/debian/changelog 2.0-21-g6fe2f4f-2ubuntu1/debian/changelog
--- 2.0-21-g6fe2f4f-2/debian/changelog	2018-06-04 09:52:41.000000000 +0000
+++ 2.0-21-g6fe2f4f-2ubuntu1/debian/changelog	2022-01-20 12:16:54.000000000 +0000
@@ -1,3 +1,12 @@
+usbview (2.0-21-g6fe2f4f-2ubuntu1) jammy; urgency=medium
+
+  * SECURITY UPDATE: Privilege escalation
+    - debian/patches/CVE-2022-23220_1.patch: polkit policy local root exploit.
+    - debian/patches/CVE-2022-23220_2.patch: improved hardening.
+    - CVE-2022-23220
+
+ -- Paulo Flabiano Smorigo <pfsmorigo@canonical.com>  Thu, 20 Jan 2022 12:16:54 +0000
+
 usbview (2.0-21-g6fe2f4f-2) unstable; urgency=low
 
    * Add build dependency on librsvg2-bin since the imagemagick
diff -pruN 2.0-21-g6fe2f4f-2/debian/control 2.0-21-g6fe2f4f-2ubuntu1/debian/control
--- 2.0-21-g6fe2f4f-2/debian/control	2018-06-04 09:52:41.000000000 +0000
+++ 2.0-21-g6fe2f4f-2ubuntu1/debian/control	2022-01-20 12:16:54.000000000 +0000
@@ -1,7 +1,8 @@
 Source: usbview
 Section: x11
 Priority: optional
-Maintainer: Mark Brown <broonie@debian.org>
+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
+XSBC-Original-Maintainer: Mark Brown <broonie@debian.org>
 Standards-Version: 3.9.6
 Homepage: http://www.kroah.com/linux-usb/
 Build-Depends: debhelper (>= 9), dh-autoreconf, autoconf-archive,
diff -pruN 2.0-21-g6fe2f4f-2/debian/patches/CVE-2022-23220_1.patch 2.0-21-g6fe2f4f-2ubuntu1/debian/patches/CVE-2022-23220_1.patch
--- 2.0-21-g6fe2f4f-2/debian/patches/CVE-2022-23220_1.patch	1970-01-01 00:00:00.000000000 +0000
+++ 2.0-21-g6fe2f4f-2ubuntu1/debian/patches/CVE-2022-23220_1.patch	2022-01-20 12:16:54.000000000 +0000
@@ -0,0 +1,29 @@
+Subject: [vs] usbview polkit policy local root exploit
+Date: Thu, 13 Jan 2022 14:30:52 +0100
+From: Matthias Gerstner <mgerstner@suse.de>
+To: distros@vs.openwall.org
+CC: security@suse.de
+--- usbview-2.0-21-g6fe2f4f.orig/main.c
++++ usbview-2.0-21-g6fe2f4f/main.c
+@@ -18,6 +18,8 @@
+ 	#include <config.h>
+ #endif
+ 
++#include <stdlib.h>
++
+ #include <gtk/gtk.h>
+ 
+ #include "usbtree.h"
+@@ -25,8 +27,11 @@
+ int main (int argc, char *argv[])
+ {
+ 	GtkWidget *window1;
++	gboolean is_pkexec = getenv("PKEXEC_UID") != NULL;
+ 
+-	gtk_init (&argc, &argv);
++	// only evalute command line parameters if not running in pkexec
++	// privilege escalation context to avoid potential attack vectors
++	gtk_init (is_pkexec ? NULL : &argc, is_pkexec ? NULL : &argv);
+ 
+ 	initialize_stuff();
+ 
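Review bot: The guard `gboolean is_pkexec = getenv("PKEXEC_UID") != NULL;` keys the hardening on one launcher's environment variable rather than on the process's actual privilege, so any other route that starts usbview as root would still hand argv to gtk_init(). If that matters for this package, a launcher-independent form is `gboolean is_privileged = getenv("PKEXEC_UID") != NULL || geteuid() == 0;`, with `#include <unistd.h>` next to the added `<stdlib.h>` and the gtk_init() call using the new name. The added comment could also state that it is GTK's own option parsing inside gtk_init() that is skipped, and that GTK settings taken from the environment are presumably left to pkexec's environment cleanup; "evalute" should read "evaluate". main() continues past the end of the hunk.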
diff -pruN 2.0-21-g6fe2f4f-2/debian/patches/CVE-2022-23220_2.patch 2.0-21-g6fe2f4f-2ubuntu1/debian/patches/CVE-2022-23220_2.patch
--- 2.0-21-g6fe2f4f-2/debian/patches/CVE-2022-23220_2.patch	1970-01-01 00:00:00.000000000 +0000
+++ 2.0-21-g6fe2f4f-2ubuntu1/debian/patches/CVE-2022-23220_2.patch	2022-01-20 12:16:54.000000000 +0000
@@ -0,0 +1,18 @@
+Subject: [vs] usbview polkit policy local root exploit
+Date: Thu, 13 Jan 2022 14:30:52 +0100
+From: Matthias Gerstner <mgerstner@suse.de>
+To: distros@vs.openwall.org
+CC: security@suse.de
+--- usbview-2.0-21-g6fe2f4f.orig/org.freedesktop.pkexec.usbview.policy
++++ usbview-2.0-21-g6fe2f4f/org.freedesktop.pkexec.usbview.policy
+@@ -8,8 +8,8 @@
+     <message>Authentication is required to view USB bus</message>
+     <icon_name>usbview_icon</icon_name>
+     <defaults>
+-      <allow_any>yes</allow_any>
+-      <allow_inactive>yes</allow_inactive>
++      <allow_any>no</allow_any>
++      <allow_inactive>no</allow_inactive>
+       <allow_active>auth_admin_keep</allow_active>
+     </defaults>
+     <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/usbview</annotate>
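Review bot: `<allow_active>auth_admin_keep</allow_active>` is left unchanged, so after one successful admin authentication polkit retains the authorization for a short period, and later launches from that session start the GUI as root without a new prompt. Because the whole GTK application runs as root under this action, `<allow_active>auth_admin</allow_active>` would be the tighter default, at the cost of a prompt on every start. The enclosing action element begins and ends outside the hunk, so any other annotations it carries are not visible here.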
diff -pruN 2.0-21-g6fe2f4f-2/debian/patches/series 2.0-21-g6fe2f4f-2ubuntu1/debian/patches/series
--- 2.0-21-g6fe2f4f-2/debian/patches/series	1970-01-01 00:00:00.000000000 +0000
+++ 2.0-21-g6fe2f4f-2ubuntu1/debian/patches/series	2022-01-20 12:16:54.000000000 +0000
@@ -0,0 +1,2 @@
+CVE-2022-23220_1.patch
+CVE-2022-23220_2.patch
