MGASA-2024-0312 - Updated gtk+2.0 and gtk+3.0 packages fix security vulnerability

Publication date: 25 Sep 2024
URL: https://advisories.mageia.org/MGASA-2024-0312.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-6655

A flaw was found in the GTK library. Under certain conditions, it is
possible for a library to be injected into a GTK application from the
current working directory. (CVE-2024-6655)

References:
- https://bugs.mageia.org/show_bug.cgi?id=33409
- https://ubuntu.com/security/notices/USN-6899-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6655

SRPMS:
- 9/core/gtk+2.0-2.24.33-5.1.mga9
- 9/core/gtk+3.0-3.24.38-1.1.mga9

Mageia 2024-0312: gtk+2.0 and gtk+3.0 Security Advisory Updates

A flaw was found in the GTK library

Summary

A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory. (CVE-2024-6655)

References

- https://bugs.mageia.org/show_bug.cgi?id=33409

- https://ubuntu.com/security/notices/USN-6899-1

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6655

Resolution

MGASA-2024-0312 - Updated gtk+2.0 and gtk+3.0 packages fix security vulnerability

SRPMS

- 9/core/gtk+2.0-2.24.33-5.1.mga9

- 9/core/gtk+3.0-3.24.38-1.1.mga9

Severity
Publication date: 25 Sep 2024
URL: https://advisories.mageia.org/MGASA-2024-0312.html
Type: security
CVE: CVE-2024-6655

Related News

Essential Server Security Security Strategies for Administrators
5 - 9 min read
In the current threat landscape, Linux servers have emerged as a dominant force, underpinning approximately 81% of all websites globally. Despite
Google Chooses Passkeys Over Passwords: Examining the Security Benefits for Linux Users
2 - 4 min read
In a bold move towards a future without traditional passwords, Google has introduced secure passkey sign-ins across almost all devices, including
Linux Security Modules (LSM): SELinux vs AppArmor vs TOMOYO
3 - 6 min read
Linux has long been celebrated for its versatility, robustness, and vast array of security features it offers. A key aspect of maintaining and
Google Chrome 129: Addressing Crucial Vulnerabilities and Enhancing Security
2 - 4 min read
Google Chrome remains the crown jewel in the browser market, with an impressive user base of approximately 3.45 billion. However, this immense
Defending Against Malicious Web Shells: Lessons from the Apache AXIS Server Attack
2 - 4 min read
Hackers have recently been observed actively targeting the Apache AXIS server to deploy malicious web shells, exposing significant vulnerabilities
Emerging Mallox Ransomware Variant Targets Linux Using Kryptina Code
3 - 5 min read
A new variant of the Mallox ransomware, which traditionally targeted Windows systems, has been observed targeting Linux environments. This
TeamTNT Hackers Attacking VPS Servers Running CentOS
3 - 5 min read
Security researchers have recently observed an alarming resurgence of TeamTNT , a notorious hacking group known for targeting cloud infrastructures.
Fighting Back Against Hadooken Malware by Strengthening WebLogic Security
2 - 4 min read
Cybercriminals have been relentlessly attacking the digital landscape, aiming to exploit vulnerabilities in well-known systems. One such exploit is

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved