Medium severity6.5NVD Advisory· Published May 28, 2024· Updated Apr 15, 2026
CVE-2024-36472
CVE-2024-36472
Description
In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local Wi-Fi network), and subsequently loads untrusted JavaScript code, which may lead to resource consumption or other impacts depending on the JavaScript code's behavior.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
37- Range: <=45.7
- osv-coords36 versionspkg:rpm/almalinux/gnome-classic-sessionpkg:rpm/almalinux/gnome-shellpkg:rpm/almalinux/gnome-shell-extension-apps-menupkg:rpm/almalinux/gnome-shell-extension-auto-move-windowspkg:rpm/almalinux/gnome-shell-extension-classification-bannerpkg:rpm/almalinux/gnome-shell-extension-commonpkg:rpm/almalinux/gnome-shell-extension-custom-menupkg:rpm/almalinux/gnome-shell-extension-dash-to-dockpkg:rpm/almalinux/gnome-shell-extension-dash-to-panelpkg:rpm/almalinux/gnome-shell-extension-desktop-iconspkg:rpm/almalinux/gnome-shell-extension-drive-menupkg:rpm/almalinux/gnome-shell-extension-gesture-inhibitorpkg:rpm/almalinux/gnome-shell-extension-heads-up-displaypkg:rpm/almalinux/gnome-shell-extension-launch-new-instancepkg:rpm/almalinux/gnome-shell-extension-native-window-placementpkg:rpm/almalinux/gnome-shell-extension-panel-favoritespkg:rpm/almalinux/gnome-shell-extension-places-menupkg:rpm/almalinux/gnome-shell-extension-screenshot-window-sizerpkg:rpm/almalinux/gnome-shell-extension-systemMonitorpkg:rpm/almalinux/gnome-shell-extension-top-iconspkg:rpm/almalinux/gnome-shell-extension-updates-dialogpkg:rpm/almalinux/gnome-shell-extension-user-themepkg:rpm/almalinux/gnome-shell-extension-window-listpkg:rpm/almalinux/gnome-shell-extension-windowsNavigatorpkg:rpm/almalinux/gnome-shell-extension-workspace-indicatorpkg:rpm/opensuse/gnome-shell&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/gnome-shell&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/gnome-shell&distro=openSUSE%20Tumbleweedpkg:rpm/suse/gnome-shell&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5pkg:rpm/suse/gnome-shell&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6pkg:rpm/suse/gnome-shell&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/gnome-shell&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/gnome-shell&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/gnome-shell&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/gnome-shell&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5pkg:rpm/suse/gnome-shell&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6
< 40.7-19.el9+ 35 more
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 3.32.2-56.el8_10
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 40.7-19.el9
- (no CPE)range: < 41.9-150400.3.11.1
- (no CPE)range: < 45.3-150600.5.6.1
- (no CPE)range: < 46.3.1-2.1
- (no CPE)range: < 41.9-150400.3.11.1
- (no CPE)range: < 45.3-150600.5.6.1
- (no CPE)range: < 3.20.4-77.28.1
- (no CPE)range: < 3.20.4-77.28.1
- (no CPE)range: < 3.20.4-77.28.1
- (no CPE)range: < 3.20.4-77.28.1
- (no CPE)range: < 41.9-150400.3.11.1
- (no CPE)range: < 45.3-150600.5.6.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.