MGASA-2024-0314

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2024-0314.html

Import Source

https://advisories.mageia.org/MGASA-2024-0314.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2024-0314

Related

CVE-2024-36472

Published

2024-09-27T01:30:52Z

Modified

2024-09-27T00:57:32Z

Summary

Updated gnome-shell packages fix security vulnerability

Details

In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local Wi-Fi network), and subsequently loads untrusted JavaScript code, which may lead to resource consumption or other impacts depending on the JavaScript code's behavior. (CVE-2024-36472)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9 / gnome-shell

Package

Name: gnome-shell
Purl: pkg:rpm/mageia/gnome-shell?distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

44.2-1.2.mga9

Ecosystem specific

{
    "section": "core"
}