An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.
Metrics
Affected Vendors & Products
References
History
Mon, 09 Sep 2024 10:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat enterprise Linux |
|
CPEs | cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat enterprise Linux |
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-05-07T00:00:00
Updated: 2024-08-02T02:51:11.424Z
Reserved: 2024-05-02T00:00:00
Link: CVE-2024-34397
Vulnrichment
Updated: 2024-08-02T02:51:11.424Z
NVD
Status : Awaiting Analysis
Published: 2024-05-07T18:15:08.350
Modified: 2024-06-10T18:15:34.863
Link: CVE-2024-34397
Redhat