CVE-2019-11460

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-11460
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11460.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-11460
Downstream
Related
Published
2019-04-22T22:29:00.463Z
Modified
2026-04-10T04:15:09.373830Z
Severity
  • 9.0 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's controlling terminal, allowing an attacker to escape the sandbox if the thumbnailer has a controlling terminal. This is due to improper filtering of the TIOCSTI ioctl on 64-bit systems, similar to CVE-2019-10063.

References

Affected packages

Git / github.com/gnome/gnome-desktop

Affected ranges

Type
GIT
Repo
https://github.com/gnome/gnome-desktop
Events
Introduced
09cea05aa30a7d8cd83281f6a5a847bd3134f398
Fixed
22b669a747aa260931aa0e31c79b185ac7ade2cf
Introduced
0e76fa7937cde35189c74f93ef6d2081d52bf9b5
Fixed
496b91eb9c73ff74fc2100d15c05c2c15eba5a78
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
53128bea164b64951c1073d479f60940c2d90d1c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5e30118786eb767001fc8bfc8d130127b9538297
Database specific 
{
    "versions": [
        {
            "introduced": "3.30.0"
        },
        {
            "fixed": "3.30.2.2"
        },
        {
            "introduced": "3.32.0"
        },
        {
            "fixed": "3.32.1.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.26.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.28.0"
        }
    ]
}

Affected versions

2.*
2.29.4
2.91.5
2.91.6
2.91.6.1
2.91.90
2.91.91
2.91.92
2.91.93
3.*
3.0.0
3.0.1
3.1.1
3.1.2
3.1.3
3.1.4
3.1.5
3.1.90
3.1.90.1
3.1.91
3.10.0
3.10.1
3.11.1
3.11.2
3.11.4
3.11.5
3.11.90
3.11.91
3.12.0
3.12.1
3.13.1
3.13.3
3.13.4
3.13.90
3.13.91
3.13.92
3.14.0
3.14.1
3.15.1
3.15.2
3.15.2.1
3.15.3
3.15.4
3.15.90
3.15.91
3.15.92
3.16.0
3.16.1
3.17.2
3.17.3
3.17.4
3.17.90
3.17.92
3.18.0
3.19.1
3.19.2
3.19.3
3.19.4
3.19.90
3.19.91
3.19.92
3.19.93
3.20.0
3.20.1
3.21.1
3.21.2
3.21.3
3.21.4
3.21.90
3.21.92
3.22.0
3.22.1
3.23.1
3.23.2
3.23.3
3.23.90
3.23.91
3.23.92
3.24.0
3.25.1
3.25.2
3.25.3
3.25.4
3.25.90
3.25.90.1
3.25.91
3.25.92
3.26.0
3.27.1
3.27.2
3.27.90
3.27.92
3.28.0
3.3.1
3.3.2
3.3.3
3.3.4
3.3.5
3.3.90
3.3.91
3.3.92
3.30.0
3.30.1
3.30.2
3.30.2.1
3.32.0
3.32.1
3.5.2
3.5.3
3.5.4
3.5.5
3.5.90
3.5.91
3.6.0
3.6.0.1
3.7.1
3.7.2
3.7.3
3.7.4
3.7.5
3.7.90
3.9.1
3.9.5
3.9.90
3.9.91
3.9.92
Other
BEFORE_GTK_1_3_CHANGES
DROOLING_MACAQUE
GGV_0_61
GNOME_0_12
GNOME_0_20
GNOME_0_20a
GNOME_0_25
GNOME_0_27
GNOME_0_28_MARTIN
GNOME_0_30
GNOME_0_30_PATCHES
GNOME_0_99_2
GNOME_0_99_3
GNOME_0_99_7
GNOME_0_99_8
GNOME_0_99_8_1
GNOME_1_5_3
GNOME_2_0_BRANCHPOINT
GNOME_2_10_BRANCHPOINT
GNOME_2_12_BRANCHPOINT
GNOME_2_14_BRANCHPOINT
GNOME_2_16_BRANCHPOINT
GNOME_2_22_BRANCHPOINT
GNOME_2_2_BRANCHPOINT
GNOME_2_4_BRANCHPOINT
GNOME_2_6_BRANCHPOINT
GNOME_2_8_BRANCHPOINT
GNOME_CORE_1_0_0_1
GNOME_CORE_1_0_1
GNOME_CORE_1_0_3
GNOME_CORE_1_0_4
GNOME_CORE_1_0_5
GNOME_CORE_1_0_ANCHOR
GNOME_CORE_1_1_0
GNOME_CORE_1_1_1
GNOME_CORE_1_1_2
GNOME_CORE_1_1_3
GNOME_CORE_1_1_4
GNOME_CORE_1_1_5
GNOME_CORE_1_1_6
GNOME_CORE_1_1_8
GNOME_CORE_1_1_9
GNOME_CORE_1_2_0
GNOME_CORE_1_2_2
GNOME_CORE_1_2_3_1
GNOME_CORE_1_2_99_2
GNOME_CORE_1_3_0
GNOME_CORE_1_3_1
GNOME_CORE_1_4_0
GNOME_CORE_1_4_0_1
GNOME_CORE_1_4_0_3
GNOME_CORE_1_4_0_4
GNOME_CORE_1_4_ANCHOR
GNOME_CORE_1_5_1
GNOME_CORE_1_5_2
GNOME_CORE_1_5_4
GNOME_CORE_1_5_5
GNOME_CORE_1_5_6
GNOME_CORE_1_5_7
GNOME_CORE_1_5_8
GNOME_CORE_MODULE_SPLIT
GNOME_DESKTOP_1_5_10
GNOME_DESKTOP_1_5_11
GNOME_DESKTOP_1_5_13
GNOME_DESKTOP_1_5_14
GNOME_DESKTOP_1_5_15
GNOME_DESKTOP_1_5_16
GNOME_DESKTOP_1_5_17
GNOME_DESKTOP_1_5_18
GNOME_DESKTOP_1_5_19
GNOME_DESKTOP_1_5_20
GNOME_DESKTOP_1_5_21
GNOME_DESKTOP_1_5_22
GNOME_DESKTOP_1_5_9
GNOME_DESKTOP_2_0_0
GNOME_DESKTOP_2_0_1
GNOME_DESKTOP_2_0_3
GNOME_DESKTOP_2_0_4
GNOME_DESKTOP_2_0_5
GNOME_DESKTOP_2_0_6
GNOME_DESKTOP_2_0_7
GNOME_DESKTOP_2_0_8
GNOME_DESKTOP_2_10_0
GNOME_DESKTOP_2_10_1
GNOME_DESKTOP_2_11_1
GNOME_DESKTOP_2_11_3
GNOME_DESKTOP_2_11_4
GNOME_DESKTOP_2_11_5
GNOME_DESKTOP_2_11_90
GNOME_DESKTOP_2_11_92
GNOME_DESKTOP_2_12_0
GNOME_DESKTOP_2_13_1
GNOME_DESKTOP_2_13_2
GNOME_DESKTOP_2_13_3
GNOME_DESKTOP_2_13_4
GNOME_DESKTOP_2_13_5
GNOME_DESKTOP_2_13_90
GNOME_DESKTOP_2_13_91
GNOME_DESKTOP_2_13_92
GNOME_DESKTOP_2_14_0
GNOME_DESKTOP_2_15_1
GNOME_DESKTOP_2_15_2
GNOME_DESKTOP_2_15_4
GNOME_DESKTOP_2_15_90
GNOME_DESKTOP_2_15_91
GNOME_DESKTOP_2_15_92
GNOME_DESKTOP_2_16_0
GNOME_DESKTOP_2_16_1
GNOME_DESKTOP_2_17_2
GNOME_DESKTOP_2_17_5
GNOME_DESKTOP_2_17_90
GNOME_DESKTOP_2_17_91
GNOME_DESKTOP_2_17_92
GNOME_DESKTOP_2_18_0
GNOME_DESKTOP_2_18_1
GNOME_DESKTOP_2_19_2
GNOME_DESKTOP_2_19_3
GNOME_DESKTOP_2_19_3_1
GNOME_DESKTOP_2_19_4
GNOME_DESKTOP_2_19_5
GNOME_DESKTOP_2_19_6
GNOME_DESKTOP_2_19_90
GNOME_DESKTOP_2_19_92
GNOME_DESKTOP_2_1_0
GNOME_DESKTOP_2_1_2
GNOME_DESKTOP_2_1_3
GNOME_DESKTOP_2_1_4
GNOME_DESKTOP_2_1_5
GNOME_DESKTOP_2_1_90
GNOME_DESKTOP_2_20_0
GNOME_DESKTOP_2_20_1
GNOME_DESKTOP_2_21_2
GNOME_DESKTOP_2_21_4
GNOME_DESKTOP_2_21_5
GNOME_DESKTOP_2_21_90
GNOME_DESKTOP_2_21_91
GNOME_DESKTOP_2_21_92
GNOME_DESKTOP_2_22_0
GNOME_DESKTOP_2_22_1
GNOME_DESKTOP_2_23_1
GNOME_DESKTOP_2_23_2
GNOME_DESKTOP_2_23_3
GNOME_DESKTOP_2_23_4
GNOME_DESKTOP_2_23_5
GNOME_DESKTOP_2_23_6
GNOME_DESKTOP_2_23_90
GNOME_DESKTOP_2_23_91
GNOME_DESKTOP_2_23_92
GNOME_DESKTOP_2_24_0
GNOME_DESKTOP_2_25_1
GNOME_DESKTOP_2_25_1_1
GNOME_DESKTOP_2_25_2
GNOME_DESKTOP_2_25_3
GNOME_DESKTOP_2_25_4
GNOME_DESKTOP_2_25_5
GNOME_DESKTOP_2_25_90
GNOME_DESKTOP_2_25_91
GNOME_DESKTOP_2_25_92
GNOME_DESKTOP_2_26_0
GNOME_DESKTOP_2_26_1
GNOME_DESKTOP_2_26_2
GNOME_DESKTOP_2_27_3
GNOME_DESKTOP_2_27_4
GNOME_DESKTOP_2_27_5
GNOME_DESKTOP_2_27_91
GNOME_DESKTOP_2_27_92
GNOME_DESKTOP_2_28_0
GNOME_DESKTOP_2_28_1
GNOME_DESKTOP_2_29_2
GNOME_DESKTOP_2_29_3
GNOME_DESKTOP_2_29_4
GNOME_DESKTOP_2_29_5
GNOME_DESKTOP_2_29_6
GNOME_DESKTOP_2_29_90
GNOME_DESKTOP_2_29_91
GNOME_DESKTOP_2_29_92
GNOME_DESKTOP_2_2_0
GNOME_DESKTOP_2_2_1
GNOME_DESKTOP_2_30_0
GNOME_DESKTOP_2_31_2
GNOME_DESKTOP_2_3_0
GNOME_DESKTOP_2_3_1
GNOME_DESKTOP_2_3_2
GNOME_DESKTOP_2_3_3
GNOME_DESKTOP_2_3_3_1
GNOME_DESKTOP_2_3_4
GNOME_DESKTOP_2_3_6
GNOME_DESKTOP_2_3_6_1
GNOME_DESKTOP_2_3_7
GNOME_DESKTOP_2_3_90
GNOME_DESKTOP_2_4_0
GNOME_DESKTOP_2_4_1
GNOME_DESKTOP_2_4_4_1
GNOME_DESKTOP_2_5_1
GNOME_DESKTOP_2_5_2
GNOME_DESKTOP_2_5_3
GNOME_DESKTOP_2_5_4
GNOME_DESKTOP_2_5_5
GNOME_DESKTOP_2_5_90
GNOME_DESKTOP_2_5_91
GNOME_DESKTOP_2_5_92
GNOME_DESKTOP_2_6_0
GNOME_DESKTOP_2_6_0_1
GNOME_DESKTOP_2_6_1
GNOME_DESKTOP_2_7_1
GNOME_DESKTOP_2_7_3
GNOME_DESKTOP_2_7_4
GNOME_DESKTOP_2_7_90
GNOME_DESKTOP_2_7_91
GNOME_DESKTOP_2_7_92
GNOME_DESKTOP_2_8_0
GNOME_DESKTOP_2_8_1
GNOME_DESKTOP_2_90_0
GNOME_DESKTOP_2_90_1
GNOME_DESKTOP_2_90_4
GNOME_DESKTOP_2_90_5
GNOME_DESKTOP_2_91_0
GNOME_DESKTOP_2_91_1
GNOME_DESKTOP_2_91_2
GNOME_DESKTOP_2_91_3
GNOME_DESKTOP_2_91_4
GNOME_DESKTOP_2_9_2
GNOME_DESKTOP_2_9_3
GNOME_DESKTOP_2_9_4
GNOME_DESKTOP_2_9_90
GNOME_DESKTOP_2_9_90_1
GNOME_DESKTOP_2_9_91
GNOME_DESKTOP_2_9_92
GNOME_LIBS_1_1_0
GNOME_LIBS_MODULE_SPLIT
GNOME_PRINT_0_24
GNOME_STABLE_ANCHOR
NEW_GNOME_ABOUT_BRANCHPOINT
PANTING_CHIMPANZEE
POST_1_0_MERGE
PREPARED_2_3_1
PRE_1_0_MERGE
PRE_PANEL2
ROSALIA_BEFORE_COMMITTING_DL_AND_GNOME_HELLO
SNAP_19971121
V_0_11
bp_panel-1-1-test
help
martin_local_tree
v3.*
v3.25.92

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11460.json"