GNOME Linux systems exposed to RCE attacks via file downloads
A memory corruption vulnerability in the open-source libcue library can let attackers execute arbitrary code on Linux systems running the GNOME desktop environment.
Libcue, a library designed for parsing cue sheet files, is integrated into the Tracker Miners file metadata indexer, which is included by default in the latest GNOME versions.
GNOME is a widely used desktop environment across various Linux distributions such as Debian, Ubuntu, Fedora, Red Hat Enterprise, and SUSE Linux Enterprise.
Attackers can successfully exploit the flaw in question to execute malicious code by taking advantage of Tracker Miners automatically indexing all downloaded files to update the search index on GNOME Linux devices.
While successful exploitation of CVE-2023-43641 requires tricking a potential victim into downloading a .cue file, admins are advised to patch systems and mitigate the risks posed by this security flaw, as it provides code execution on devices running the latest releases of widely used Linux distros, including Debian, Fedora, and Ubuntu.
Backhouse has found other severe Linux security flaws in recent years, including a privilege escalation bug in the GNOME Display Manager and an authentication bypass in the polkit auth system service installed by default on many modern Linux platforms.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-09 | CVE-2023-43641 | Out-of-bounds Write vulnerability in multiple products. libcue provides an API for parsing and extracting data from CUE sheets. | 8.8 |