Jump to:

CVE-2024-6655

Jump to:

CVE-2024-6655

Package libgtk+3 updated to version 3.24.43-alt1 for branch p11 in task 352634.

Published: 2024-07-16
Modified: 2025-03-14

CVE-2024-6655

A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory.

References:

http://www.openwall.com/lists/oss-security/2024/09/09/1
RHSA-2024:6963
RHSA-2024:9184
https://access.redhat.com/security/cve/CVE-2024-6655
https://access.redhat.com/security/cve/CVE-2024-6655
RHBZ#2297098
RHBZ#2297098
https://gitlab.gnome.org/GNOME/gtk/-/merge_requests/7361/diffs?commit_id=3bbf0b6176d42836d23c36a6ac410e807ec0a7a7#diff-content-e3fbe6480add9420b69f82374fb26ccac2c015a0
https://gitlab.gnome.org/GNOME/gtk/-/merge_requests/7361/diffs?commit_id=3bbf0b6176d42836d23c36a6ac410e807ec0a7a7#diff-content-e3fbe6480add9420b69f82374fb26ccac2c015a0
https://www.openwall.com/lists/oss-security/2024/09/09/1

Version: 2.1.0

Package libgtk+3 update in p11 on 2024-07-23

ALT-PU-2024-9862-2

Closed vulnerabilities

CVE-2024-6655