Main Vulnerability Database SB2024073027

SB2024073027 - SUSE update for gtk3

Published: July 30, 2024

Security Bulletin ID SB2024073027

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Untrusted search path (CVE-ID: CVE-2024-6655)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to usage of an untrusted search path. A local user can place a malicious binary into a current working directory and execute arbitrary code with escalated privileges.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2024/suse-su-20242633-1/

Vulnerable Software

Desktop Applications Module: 15-SP6
Basesystem Module: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
SUSE Linux Enterprise Desktop 15: SP6
gtk3-devel-64bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-tigrigna-64bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-amharic-64bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-xim-64bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-xim-64bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-vietnamese-64bit-debuginfo: before 3.24.38+111-150600.3.3.1
libgtk-3-0-64bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-tools-64bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-inuktitut-64bit-debuginfo: before 3.24.38+111-150600.3.3.1
libgtk-3-0-64bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-multipress-64bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-tigrigna-64bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-multipress-64bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-inuktitut-64bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-thai-64bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-tools-64bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-devel-64bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-amharic-64bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-vietnamese-64bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-thai-64bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-inuktitut-32bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-vietnamese-32bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-tigrigna-32bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-inuktitut-32bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-thai-32bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-tigrigna-32bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-amharic-32bit: before 3.24.38+111-150600.3.3.1
gtk3-tools-32bit: before 3.24.38+111-150600.3.3.1
libgtk-3-0-32bit: before 3.24.38+111-150600.3.3.1
gtk3-tools-32bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-xim-32bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-xim-32bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-amharic-32bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-devel-32bit-debuginfo: before 3.24.38+111-150600.3.3.1
libgtk-3-0-32bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-multipress-32bit-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-devel-32bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-multipress-32bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-thai-32bit: before 3.24.38+111-150600.3.3.1
gtk3-immodule-vietnamese-32bit-debuginfo: before 3.24.38+111-150600.3.3.1
libgtk-3-0-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-tigrigna-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-inuktitut: before 3.24.38+111-150600.3.3.1
gtk3-immodule-tigrigna: before 3.24.38+111-150600.3.3.1
gtk3-immodule-multipress: before 3.24.38+111-150600.3.3.1
gtk3-immodule-broadway-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-devel: before 3.24.38+111-150600.3.3.1
gtk3-immodule-multipress-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-tools: before 3.24.38+111-150600.3.3.1
gtk3-debugsource: before 3.24.38+111-150600.3.3.1
gtk3-immodule-xim: before 3.24.38+111-150600.3.3.1
gtk3-immodule-broadway: before 3.24.38+111-150600.3.3.1
gtk3-devel-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-vietnamese: before 3.24.38+111-150600.3.3.1
gtk3-immodule-inuktitut-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-thai-debuginfo: before 3.24.38+111-150600.3.3.1
libgtk-3-0: before 3.24.38+111-150600.3.3.1
gtk3-immodule-vietnamese-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-amharic: before 3.24.38+111-150600.3.3.1
gtk3-immodule-amharic-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-tools-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-xim-debuginfo: before 3.24.38+111-150600.3.3.1
gtk3-immodule-thai: before 3.24.38+111-150600.3.3.1
typelib-1_0-Gtk-3_0: before 3.24.38+111-150600.3.3.1
gtk3-data: before 3.24.38+111-150600.3.3.1
gettext-its-gtk3: before 3.24.38+111-150600.3.3.1
gtk3-schema: before 3.24.38+111-150600.3.3.1
gtk3-branding-upstream: before 3.24.38+111-150600.3.3.1
gtk3-devel-doc: before 3.24.38+111-150600.3.3.1
gtk3-lang: before 3.24.38+111-150600.3.3.1