23 matches found
Astra Linux – Vulnerability in glib2.0
A issue was discovered in GNOME GLib before version 2.78.5, and also in versions 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus...
[SECURITY] Fedora 42 Update: bustle-0.12.0-4.fc42
Bustle draws sequence diagrams of D-Bus activity, showing signal emissions, method calls and their corresponding returns, with timestamps for each individual event and the duration of each method call. This can help you check for unwanted D-Bus traffic, and pinpoint why your D-Bus-based applicati...
CLSA-2025-1762179202 glib2: Fix of CVE-2024-34397
CVE-2024-34397: fix GDBus signal subscriptions from unicast spoofing...
glib2: Signal subscription vulnerabilities
A flaw was found in GNOME GLib. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the...
Alibaba Cloud Linux 3 : 0201: glib2 (ALINUX3-SA-2024:0201)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0201 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-34397: An issue was discovered in GNOME GL...
EulerOS 2.0 SP10 : glib2 (EulerOS-SA-2025-1514)
According to the versions of the glib2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus- based client subscribes to signals from a...
EulerOS 2.0 SP10 : glib2 (EulerOS-SA-2025-1515)
According to the versions of the glib2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus- based client subscribes to signals from a...
Linux Distros Unpatched Vulnerability : CVE-2024-34397
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus- based client subscribes to signals from a trusted system...
Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2024-2768)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2024-2750)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.12.0 : glib2 (EulerOS-SA-2024-2768)
According to the versions of the glib2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus- based client subscribes to...
EulerOS Virtualization 2.12.1 : glib2 (EulerOS-SA-2024-2750)
According to the versions of the glib2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus- based client subscribes to...
RHEL 8 : glib2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - glib2: Signal subscription vulnerabilities CVE-2024-34397 Note that Nessus has not tested for this issue but has...
Spoofing Attack
GNOME GLib is vulnerable to spoofing Attack. The vulnerability is due to inadequate validation of the source of D-Bus signals in GDBus-based clients, allowing spoofed signals from other users on a shared system to be accepted as legitimate...
Fedora 40 : mingw-glib2 (2024-2ce1c754f7)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2ce1c754f7 advisory. Update glib2 to fix CVE-2024-34397. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Ness...
USN-6768-1 glib2.0 vulnerability
Alicia Boya García discovered that GLib incorrectly handled signal subscriptions. A local attacker could use this issue to spoof D-Bus signals resulting in a variety of impacts including possible privilege escalation...
CVE-2024-34397
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based...
CVE-2024-34397
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based...
CVE-2024-34397
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based...
UBUNTU-CVE-2024-34397
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based...