USN-6963-1 (GNOME Shell vulnerability)
USN-6963-1: GNOME Shell vulnerability
15 August 2024
GNOME Shell could allow unintended access to network services.
Releases
Ubuntu 24.04 LTS Ubuntu 22.04 LTS Ubuntu 20.04 LTS
Packages
gnome-shell - graphical shell for the GNOME desktop
Details
It was discovered that GNOME Shell incorrectly opened the portal helper
automatically when detecting a captive network portal. A remote attacker
could possibly use this issue to load arbitrary web pages containing
JavaScript, leading to resource consumption or other attacks.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 24.04
- gnome-shell - 46.0-0ubuntu6~24.04.3
- Ubuntu 22.04
- gnome-shell - 42.9-0ubuntu2.2
Ubuntu 20.04
- gnome-shell - 3.36.9-0ubuntu0.20.04.4
After a standard system update you need to restart your session to make all
the necessary changes.