We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | mitre |
Reserved | 2024-05-02 |
Published | 2024-05-07 |
Updated | 2024-08-02 |
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.
https://gitlab.gnome.org/GNOME/glib/-/issues/3268
https://www.openwall.com/lists/oss-security/2024/05/07/5
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IRSFYAE5X23TNRWX7ZWEJOMISLCDSYNS/ (FEDORA-2024-be032e564d)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UNFJHISR4O6VFOHBFWH5I5WWMG37H63A/ (FEDORA-2024-2ce1c754f7)
https://lists.debian.org/debian-lts-announce/2024/05/msg00008.html ([debian-lts-announce] 20240513 [SECURITY] [DLA 3814-1] glib2.0 security update)
https://security.netapp.com/advisory/ntap-20240531-0008/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LL6HSJDXCXMLEIJBYV6CPOR4K2NTCTXW/ (FEDORA-2024-fd2569c4e9)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCDY3KA7G7D3DRXYTT46K6LFHS2KHWBH/ (FEDORA-2024-635a54eb7e)