What is the severity of REDHAT-BUG-644561?

REDAHT-BUG-644561 is categorized as a high-severity vulnerability due to its potential to allow arbitrary code execution.

How do I fix REDHAT-BUG-644561?

To fix REDHAT-BUG-644561, you should update to the patched version of gnome-shell provided by your Linux distribution.

What impact does REDHAT-BUG-644561 have on my system?

REDAHT-BUG-644561 can allow attackers to exploit the insecure LD_LIBRARY_PATH setting to execute arbitrary code, compromising the security of the system.

Who discovered REDHAT-BUG-644561?

REDAHT-BUG-644561 was discovered by Ludwig Nussel.

Is my system affected by REDHAT-BUG-644561?

If you are using gnome-shell on an affected distribution, your system may be vulnerable to REDHAT-BUG-644561.

Vulnerability/
REDHAT-BUG-644561

low

19/10/2010

29/9/2019

REDHAT-BUG-644561

First published: Tue Oct 19 2010(Updated: )

Ludwig Nussel discovered that gnome-shell contained a script that could be abused by an attacker to execute arbitrary code. The vulnerability is due to an insecure change to LD_LIBRARY_PATH, and environment variable used by ld.so(8) to look for libraries in directories other than the standard paths. When there is an empty item in the colon-separated list of directories in LD_LIBRARY_PATH, ld.so(8) treats it as a '.' (current working directory). If the given script is executed from a directory where a local attacker could write files, there is a chance for exploitation. In Fedora, /usr/bin/gnome-shell re-sets LD_LIBRARY_PATH insecurely: 163 if os.path.exists(mozjs_libdir + '/libmozjs.so'): 164 env['LD_LIBRARY_PATH'] = os.environ.get('LD_LIBRARY_PATH', '') + ':' + mozjs_libdir ... 206 return subprocess.Popen(args, env=env) A solution is to patch the script to test if LD_LIBRARY_PATH is previously set: if os.environ.get('LD_LIBRARY_PATH'): env['LD_LIBRARY_PATH'] = os.environ.get('LD_LIBRARY_PATH', '') + ':' + mozjs_libdir else: env['LD_LIBRARY_PATH'] = mozjs_libdir

Affected Software	Affected Version	How to fix
Ubuntu Yaru Theme for GNOME Shell

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of REDHAT-BUG-644561?
REDAHT-BUG-644561 is categorized as a high-severity vulnerability due to its potential to allow arbitrary code execution.
How do I fix REDHAT-BUG-644561?
To fix REDHAT-BUG-644561, you should update to the patched version of gnome-shell provided by your Linux distribution.
What impact does REDHAT-BUG-644561 have on my system?
REDAHT-BUG-644561 can allow attackers to exploit the insecure LD_LIBRARY_PATH setting to execute arbitrary code, compromising the security of the system.
Who discovered REDHAT-BUG-644561?
REDAHT-BUG-644561 was discovered by Ludwig Nussel.
Is my system affected by REDHAT-BUG-644561?
If you are using gnome-shell on an affected distribution, your system may be vulnerable to REDHAT-BUG-644561.

agent/references
agent/type
agent/first-publish-date
agent/last-modified-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2010-4000
agent/severity
agent/description
agent/event
agent/trending
agent/source
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/gnome
canonical/ubuntu yaru theme for gnome shell

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.