An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.
Metrics
Affected Vendors & Products
References
History
Fri, 15 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-290 | |
Metrics |
cvssV3_1
|
ssvc
|
Wed, 13 Nov 2024 02:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:9::crb |
Tue, 01 Oct 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:service_interconnect:1::el9 |
Thu, 26 Sep 2024 23:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat service Interconnect
|
|
CPEs | cpe:/a:redhat:service_interconnect:1.4::el9 | |
Vendors & Products |
Redhat service Interconnect
|
Mon, 09 Sep 2024 10:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat enterprise Linux |
|
CPEs | cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat enterprise Linux |
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-05-07T00:00:00
Updated: 2024-11-15T17:14:35.675Z
Reserved: 2024-05-02T00:00:00
Link: CVE-2024-34397
Vulnrichment
Updated: 2024-08-02T02:51:11.424Z
NVD
Status : Awaiting Analysis
Published: 2024-05-07T18:15:08.350
Modified: 2024-11-21T09:18:34.830
Link: CVE-2024-34397
Redhat