Security News > 2023 > October > libcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks
2023-10-10 06:50
A new security flaw has been disclosed in the libcue library impacting GNOME Linux systems that could be exploited to achieve remote code execution (RCE) on affected hosts. Tracked as CVE-2023-43641 (CVSS score: 8.8), the issue is described as a case of memory corruption in libcue, a library designed for parsing cue sheet files. It impacts versions 2.2.1 and prior. libcue is incorporated into
News URL
https://thehackernews.com/2023/10/libcue-library-flaw-opens-gnome-linux.html
Related news
- XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor (source)
- Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks (source)
- New Spectre v2 attack impacts Linux systems on Intel CPUs (source)
- Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks (source)
- Kimsuky hackers deploy new Linux backdoor in attacks on South Korea (source)
- Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-09 | CVE-2023-43641 | Out-of-bounds Write vulnerability in multiple products libcue provides an API for parsing and extracting data from CUE sheets. | 8.8 |