CVE-2024-34397 : An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x befor

An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.

Published 2024-05-07 00:00:00

Updated 2024-11-15 18:35:33

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2024-34397

Please log in to view affected product information.

Exploit prediction scoring system (EPSS) score for CVE-2024-34397

EPSS FAQ

0.25%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 48 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2024-34397

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.2	MEDIUM	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L	0.9	4.2	134c704f-9b21-4f2e-91b3-4a467353bcc0	2024-11-15
Attack Vector: Physical Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: Low

CWE ids for CVE-2024-34397

CWE-290 Authentication Bypass by Spoofing

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

References for CVE-2024-34397

https://www.openwall.com/lists/oss-security/2024/05/07/5

oss-security - GLib (2.26.0+): GDBus signal subscriptions for well-known names are vulnerable to unicast spoofing
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LL6HSJDXCXMLEIJBYV6CPOR4K2NTCTXW/

[SECURITY] Fedora 39 Update: gnome-shell-45.6-2.fc39 - package-announce - Fedora Mailing-Lists
https://security.netapp.com/advisory/ntap-20240531-0008/

CVE-2024-34397 Gnome Glib Vulnerability in NetApp Products | NetApp Product Security
https://lists.debian.org/debian-lts-announce/2024/05/msg00008.html

[SECURITY] [DLA 3814-1] glib2.0 security update
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCDY3KA7G7D3DRXYTT46K6LFHS2KHWBH/

[SECURITY] Fedora 40 Update: glib2-2.80.2-1.fc40 - package-announce - Fedora Mailing-Lists
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IRSFYAE5X23TNRWX7ZWEJOMISLCDSYNS/

[SECURITY] Fedora 39 Update: mingw-glib2-2.78.5-1.fc39 - package-announce - Fedora Mailing-Lists
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UNFJHISR4O6VFOHBFWH5I5WWMG37H63A/

[SECURITY] Fedora 40 Update: mingw-glib2-2.80.1-1.fc40 - package-announce - Fedora Mailing-Lists
https://gitlab.gnome.org/GNOME/glib/-/issues/3268

CVE-2024-34397: GDBus signal subscriptions for well-known names are vulnerable to unicast spoofing (#3268) · Issues · GNOME / GLib · GitLab

Jump to

Vulnerability Details : CVE-2024-34397

Products affected by CVE-2024-34397

Exploit prediction scoring system (EPSS) score for CVE-2024-34397

CVSS scores for CVE-2024-34397

CWE ids for CVE-2024-34397

References for CVE-2024-34397