In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local Wi-Fi network), and subsequently loads untrusted JavaScript code, which may lead to resource consumption or other impacts depending on the JavaScript code's behavior.

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6963-1 advisory.

    It was discovered that GNOME Shell incorrectly opened the portal helper automatically when detecting a     captive network portal. A remote attacker could possibly use this issue to load arbitrary web pages     containing JavaScript, leading to resource consumption or other attacks.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:5298 advisory.

    GNOME Shell acts as a compositing manager for the desktop, and displays both application windows and other     objects. It provides core interface functions like switching windows, launching applications, and     notifications. It takes advantage of the capabilities of modern graphics hardware and introduces     innovative user interface concepts.

    Security Fix(es):

    * gnome-shell: code execution in portal helper (CVE-2024-36472)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-5298 advisory.

    [3.32.2-56]
    - Only open portal login in response to user action       Resolves: RHEL-39097

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2618-1 advisory.

    - CVE-2024-36472: Fixed portal helper automatically launched without user confirmation (bsc#1225567)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2589-1 advisory.

    - CVE-2024-36472: Fixed portal helper automatically launched without user confirmation (bsc#1225567)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2576-1 advisory.

    - CVE-2024-36472: Fixed portal helper automatically launched without user confirmation (bsc#1225567)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local Wi-Fi network), and subsequently loads untrusted JavaScript code, which may lead to resource consumption or other impacts depending on the JavaScript code's behavior.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
205629	Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : GNOME Shell vulnerability (USN-6963-1)	Nessus	Ubuntu Local Security Checks	high
205501	RHEL 8 : gnome-shell (RHSA-2024:5298)	Nessus	Red Hat Local Security Checks	high
205478	Oracle Linux 8 : gnome-shell (ELSA-2024-5298)	Nessus	Oracle Linux Local Security Checks	medium
204890	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gnome-shell (SUSE-SU-2024:2618-1)	Nessus	SuSE Local Security Checks	medium
203008	SUSE SLED12 / SLES12 Security Update : gnome-shell (SUSE-SU-2024:2589-1)	Nessus	SuSE Local Security Checks	medium
203001	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gnome-shell (SUSE-SU-2024:2576-1)	Nessus	SuSE Local Security Checks	medium
198233	GNOME Shell <= 45.7 Code Execution in Portal Helper (CVE-2024-36472)	Nessus	Misc.	high

Detections

Analytics

CVE-2024-36472

high

Tenable Plugins

high

high

medium

medium

medium

medium

high