D-Bus signal spoofing in GLib (CVE-2024-34397) #shorts #breaking

CVE

The security issue identified as CVE-2024-34397 involves a flaw in GLib, specifically concerning D-Bus signal spoofing. This vulnerability was found in certain versions of GNOME GLib, including versions before 2.78.5 as well as the 2.79.x and 2.80.x series before 2.80.1. This flaw can be exploited by attackers on shared systems where they may send spoofed D-Bus signals to GDBus-based clients. The exploitation of this vulnerability can potentially disrupt the normal behavior of applications that rely on these signal communications by injecting or altering the signals that are exchanged.

Watch the full video on YouTube: CVE-2024-34397

Remediation and exploitation details

This chain involves the following actors

This following systems are involved

Attack entry point

Remediation actions

Exploitation actions

CVE database technical details

CVE ID

CVE-2024-34397

Description

An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.

Provider

mitre

CWE / problem types

n/a

Affected Software Versions

n/a:n/a:[{'version': 'n/a', 'status': 'affected'}]

Date Published

2024-05-07T00:00:00

Last Updated

2024-11-15T17:14:35.675Z