Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2024 Canonical, Inc. / NASL script (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-6963-1.NASL
HistoryAug 15, 2024 - 12:00 a.m.

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : GNOME Shell vulnerability (USN-6963-1)

2024-08-1500:00:00
Ubuntu Security Notice (C) 2024 Canonical, Inc. / NASL script (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8
ubuntu 20.04 lts
ubuntu 22.04 lts
ubuntu 24.04 lts
gnome shell
vulnerability
usn-6963-1
remote attacker
portal helper
javascript-based attacks

AI Score

6.7

Confidence

Low

JSON

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6963-1 advisory.

It was discovered that GNOME Shell incorrectly opened the portal helper automatically when detecting a     captive network portal. A remote attacker could possibly use this issue to load arbitrary web pages     containing JavaScript, leading to resource consumption or other attacks.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-6963-1. The text
# itself is copyright (C) Canonical, Inc. See
# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##

include('compat.inc');

if (description)
{
  script_id(205629);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/08/27");

  script_cve_id("CVE-2024-36472");
  script_xref(name:"USN", value:"6963-1");

  script_name(english:"Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : GNOME Shell vulnerability (USN-6963-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as
referenced in the USN-6963-1 advisory.

    It was discovered that GNOME Shell incorrectly opened the portal helper automatically when detecting a
    captive network portal. A remote attacker could possibly use this issue to load arbitrary web pages
    containing JavaScript, leading to resource consumption or other attacks.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-6963-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected gnome-shell, gnome-shell-common and / or gnome-shell-extension-prefs packages.");
  script_set_cvss_base_vector("CVSS2#AV:A/AC:H/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-36472");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/05/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/08/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/08/15");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:24.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gnome-shell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gnome-shell-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gnome-shell-extension-prefs");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2024 Canonical, Inc. / NASL script (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('20.04' >< os_release || '22.04' >< os_release || '24.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04 / 22.04 / 24.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '20.04', 'pkgname': 'gnome-shell', 'pkgver': '3.36.9-0ubuntu0.20.04.4'},
    {'osver': '20.04', 'pkgname': 'gnome-shell-common', 'pkgver': '3.36.9-0ubuntu0.20.04.4'},
    {'osver': '20.04', 'pkgname': 'gnome-shell-extension-prefs', 'pkgver': '3.36.9-0ubuntu0.20.04.4'},
    {'osver': '22.04', 'pkgname': 'gnome-shell', 'pkgver': '42.9-0ubuntu2.2'},
    {'osver': '22.04', 'pkgname': 'gnome-shell-common', 'pkgver': '42.9-0ubuntu2.2'},
    {'osver': '22.04', 'pkgname': 'gnome-shell-extension-prefs', 'pkgver': '42.9-0ubuntu2.2'},
    {'osver': '24.04', 'pkgname': 'gnome-shell', 'pkgver': '46.0-0ubuntu6~24.04.3'},
    {'osver': '24.04', 'pkgname': 'gnome-shell-common', 'pkgver': '46.0-0ubuntu6~24.04.3'},
    {'osver': '24.04', 'pkgname': 'gnome-shell-extension-prefs', 'pkgver': '46.0-0ubuntu6~24.04.3'}
];

var flag = 0;
foreach var package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  var extra = '';
  extra += ubuntu_report_get();
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : extra
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gnome-shell / gnome-shell-common / gnome-shell-extension-prefs');
}

Related

nessus 6
nvd 2
debiancve 1
oraclelinux 1
almalinux 1
osv 7
vulnrichment 1
openvas 3
redhat 1
ubuntu 1
cvelist 1
ubuntucve 1
mageia 1
redhatcve 1
cve 2
nessus
nessus
RHEL 8 : gnome-shell (RHSA-2024:5298)
2024-08-14 00:00:00
SUSE SLED12 / SLES12 Security Update : gnome-shell (SUSE-SU-2024:2589-1)
2024-07-23 00:00:00
GNOME Shell <= 45.7 Code Execution in Portal Helper (CVE-2024-36472)
2024-05-31 00:00:00
nvd
nvd
CVE-2024-36472
2024-05-28 16:15:17
CVE-2023-50977
2024-05-27 14:15:09
debiancve
debiancve
CVE-2024-36472
2024-05-28 16:15:17
oraclelinux
oraclelinux
gnome-shell security update
2024-08-13 00:00:00
almalinux
almalinux
Moderate: gnome-shell security update
2024-08-13 00:00:00
osv
osv
CVE-2024-36472
2024-05-28 16:15:17
Moderate: gnome-shell security update
2024-08-13 00:00:00
gnome-shell vulnerability
2024-08-15 13:19:28
vulnrichment
vulnrichment
CVE-2024-36472
1976-01-01 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2589-1)
2024-07-23 00:00:00
Ubuntu: Security Advisory (USN-6963-1)
2024-08-16 00:00:00
Mageia: Security Advisory (MGASA-2024-0314)
2024-09-27 00:00:00
redhat
redhat
(RHSA-2024:5298) Moderate: gnome-shell security update
2024-08-13 14:51:59
ubuntu
ubuntu
GNOME Shell vulnerability
2024-08-15 00:00:00
cvelist
cvelist
CVE-2024-36472
1976-01-01 00:00:00
ubuntucve
ubuntucve
CVE-2024-36472
2024-05-28 00:00:00
mageia
mageia
Updated gnome-shell packages fix security vulnerability
2024-09-27 04:30:52
redhatcve
redhatcve
CVE-2024-36472
2024-05-29 08:50:22
cve
cve
CVE-2024-36472
2024-05-28 16:15:17
CVE-2023-50977
2024-05-27 14:15:09

AI Score

6.7

Confidence

Low

JSON
Related for UBUNTU_USN-6963-1.NASL
nessus6nvd2debiancve1oraclelinux1almalinux1osv7vulnrichment1openvas3redhat1ubuntu1cvelist1ubuntucve1mageia1redhatcve1cve2