Linux: This serious security flaw threatens the operating system – Lebigdata.fr

Researchers have just uncovered a new security flaw affecting the GNOME Linux system. The newly discovered threat exposes the victim system to Remote Code Execution (RCE) attacks.

When harmless libraries become a threat

Harmless libraries can sometimes pose a significant threat. It’s important to be on the lookout for potential threats. That’s exactly the case with this new Linux vulnerability. Researchers at the National Vulnerability Database (NVD), an American vulnerability management organization, provide the details.

The vulnerability puts GNOME Linux systems, including Ubuntu, at risk of remote code execution (RCE)..The threat is followed as CVE-2023-43641 which the researchers identify as a case of memory corruption libcue. Libcue is a library for parsing built-in cuesheet files Tracker miner (a search engine included by default with GNOME).

The vulnerability arises from an out-of-bounds array access in the track_set_index function. An attacker can exploit this by tricking a user into clicking on a malicious link and downloading a .cue file. The file is then automatically parsed by Tracker Miners, which uses libcue for parsing, resulting in code execution.

New Linux vulnerability: How to protect yourself from attack risks?

The flaw exploits libcue’s integration with Tracker Miners, Gnome’s file indexing service. According to the National Vulnerability Database, an attacker could use a maliciously encoded “cue sheet” to do this trigger the vulnerability and execute code remotely.

Tracker Miners is not directly vulnerable, but it does increase the impact of this flaw. The vulnerability only affects tracker extraction using libcue. It is essential for application vulnerability and security management Update your GNOME Linux systems and especially libcue to the latest versions.

The vulnerability actually affects libcue versions 2.2.1 and earlier. The vulnerability received a rating of 8.8. In other words, it is a serious threat. There are no workarounds at this time. So far only that Upgrading to the latest version helps mitigate attack risks.