Описание
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.80.1-1 |
| esm-infra-legacy/trusty | needs-triage | |
| esm-infra/bionic | needs-triage | |
| esm-infra/focal | not-affected | 2.64.6-1~ubuntu20.04.7 |
| esm-infra/xenial | needs-triage | |
| focal | released | 2.64.6-1~ubuntu20.04.7 |
| jammy | released | 2.72.4-0ubuntu2.3 |
| mantic | released | 2.78.0-2ubuntu0.1 |
| noble | released | 2.80.0-6ubuntu3.1 |
| oracular | released | 2.80.1-1 |
Показывать по
5.2 Medium
CVSS3
Связанные уязвимости
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2. ...
5.2 Medium
CVSS3