| |
Vulnerability CVE-2023-50977
Published: 2024-05-27
| Description: |
In GNOME Shell through 45.2, unauthenticated remote code execution can be achieved by intercepting two DNS requests (GNOME Network Manager and GNOME Shell Portal Helper connectivity checks), and responding with attacker-specific IP addresses. This DNS hijacking causes GNOME Captive Portal to be launched via a WebKitGTK browser, by default, on the victim system; this can run JavaScript code inside a sandbox. NOTE: the vendor's position is that this is not a vulnerability because running JavaScript code inside a sandbox is the intended behavior. |
References: |
https://gitlab.gnome.org/GNOME/gnome-shell/-/blob/ceed3e07e44f2cd1bfdbf273523abc0bb4bbd8c1/js/portalHelper/main.js
https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/7666
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
