Lucene search

GoogleOSV:USN-6768-1

HistoryMay 09, 2024 - 1:13 p.m.

glib2.0 vulnerability

2024-05-0913:13:10

Google

osv.dev

glib

signal subscriptions

d-bus

privilege escalation

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.1%

JSON

Alicia Boya García discovered that GLib incorrectly handled signal
subscriptions. A local attacker could use this issue to spoof D-Bus signals
resulting in a variety of impacts including possible privilege escalation.

References

ubuntu.com/security/CVE-2024-34397

ubuntu.com/security/notices/USN-6768-1