MGASA-2024-0229 - Updated flatpak packages fix security vulnerability

Publication date: 20 Jun 2024
URL: https://advisories.mageia.org/MGASA-2024-0229.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-32462

A malicious or compromised Flatpak app could execute arbitrary code
outside its sandbox.

References:
- https://bugs.mageia.org/show_bug.cgi?id=33119
- https://www.openwall.com/lists/oss-security/2024/04/18/5
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32462

SRPMS:
- 9/core/flatpak-1.14.6-1.mga9

Mageia 2024-0229: flatpak Security Advisory Updates

A malicious or compromised Flatpak app could execute arbitrary code outside its sandbox

Summary

A malicious or compromised Flatpak app could execute arbitrary code outside its sandbox.

References

- https://bugs.mageia.org/show_bug.cgi?id=33119

- https://www.openwall.com/lists/oss-security/2024/04/18/5

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32462

Resolution

MGASA-2024-0229 - Updated flatpak packages fix security vulnerability

SRPMS

- 9/core/flatpak-1.14.6-1.mga9

Severity
Publication date: 20 Jun 2024
URL: https://advisories.mageia.org/MGASA-2024-0229.html
Type: security
CVE: CVE-2024-32462

Related News

31.Lock DigitalRoom Esm H170
2 - 4 min read
An aggressive cyber threat targeting HTTP File Server (HFS) users has emerged recently. A Remote Code Execution (RCE) vulnerability known as
34.Key AbstractDigital Esm H170
2 - 4 min read
Security threats continue developing rapidly, with attackers finding new vulnerabilities daily. Recent findings from researchers at Uptycs indicate
32.Lock Code Circular Esm H170
2 - 4 min read
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its
1.Penguin Landscape Esm H170
2 - 3 min read
On Independence Day, there is a deep recognition of digital autonomy amidst the colorful fireworks displays and patriotic revelry. At LinuxSecurity,
20.Lock AbstractDigital Circular Esm H170
2 - 3 min read
Google has released fixes for a high-severity Chromium security flaw ( CVE-2024-5274 ) impacting its widely used Chrome browser and other
11.Locks IsometricPattern Esm H170
2 - 4 min read
Linux Mint is a user-friendly GNU/Linux desktop distribution built upon Ubuntu and Debian for maximum reliability while offering an aesthetically
32.Lock Code Circular Esm H170
2 - 4 min read
In an era where cybersecurity threats loom larger than ever, the discovery of a Remote Code Execution (RCE) vulnerability in OpenSSH by Qualys’
27.Tablet Connections Blocks Lock Esm H170
2 - 4 min read
Debian recently unveiled a significant update to its stable distribution, Debian 12.6 (codename "bookworm"). While not an entirely new release, this

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved