1-Click RCE on GNOME (CVE-2023-43641)


There is 1-Click RCE on GNOME Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641) - The GitHub Blog for libcue v2.2.1.

It has been fixed about 8 hours ago in v2.3.0, with fairly simple fix:

diff --git a/cd.c b/cd.c
index cf77a18..4bbea19 100644
--- a/cd.c
+++ b/cd.c
@@ -339,7 +339,7 @@ track_get_rem(const Track* track)

 void track_set_index(Track *track, int i, long ind)
-       if (i > MAXINDEX) {
+       if (i < 0 || i > MAXINDEX) {
                fprintf(stderr, "too many indexes\n");

Thanks for the info.

The latest version v2.3.0 is already in Arch repo,
it will probably come soon in Manjaro unstable branch today.

Synced unstable branch and pushed our overlay as libcue 2.3.0-0 to stable and testing branches. Thx for the detailed report.

It’s actually already been fixed with libcue 2.2.1-4 and tracker3-miners 3.6.1.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.