Описание
A flaw was found In gnome-shell. The GNOME Network Manager and GNOME Shell Portal Helper connectivity checks send DNS checks that, if intercepted, may be used to launch a GNOME Captive Portal in a WebKitGTK browser and load arbitrary HTML and Javascript code.
Отчет
This vulnerability is classified as moderate severity rather than high because it requires a specific and controlled environment to be exploited effectively. The attacker needs to perform DNS hijacking within the same local network, which limits the scope of potential targets. Additionally, the exploit depends on the GNOME Captive Portal automatically opening a WebKitGTK browser, which, while a default behavior, may not be universally applicable across all GNOME configurations. Furthermore, modern web browsers use sandboxing as a mechanism to contain malicious activity, significantly reducing the potential impact of the exploit. This sandboxing mitigates the risk of the attack affecting other parts of the system, thus lowering the severity of this flaw to moderate. The exploitation vector, while technically feasible, involves multiple steps that reduce the likelihood of widespread, automated attacks. Thus, the impact, while serious, is confined to scenarios with network control and specific GNOME settings, justifying its moderate severity classification.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | gnome-shell | Will not fix | ||
| Red Hat Enterprise Linux 7 | gnome-shell | Out of support scope | ||
| Red Hat Enterprise Linux 8 | gnome-shell | Will not fix | ||
| Red Hat Enterprise Linux 9 | gnome-shell | Will not fix |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability. See also CVE-2024-36472.
7.5 High
CVSS3