In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local Wi-Fi network), and subsequently loads untrusted JavaScript code, which may lead to resource consumption or other impacts depending on the JavaScript code’s behavior.
CPE | Name | Operator | Version |
---|---|---|---|
gnome-shell | eq | 3.6.0 | |
gnome-shell | eq | 3.1.3 | |
gnome-shell | eq | 3.11.3 | |
gnome-shell | eq | 3.29.92 | |
gnome-shell | eq | 2.91.5 | |
gnome-shell | eq | 3.5.4 | |
gnome-shell | eq | 3.17.3 | |
gnome-shell | eq | 3.0.0 | |
gnome-shell | eq | 3.16.0 | |
gnome-shell | eq | 3.7.92 |