Critical Flatpak Security Advisory for Mageia 2024-0229 Explores Arbitrary Code Execution Risk
A malicious or compromised Flatpak app could execute arbitrary code outside its sandbox
Summary
A malicious or compromised Flatpak app could execute arbitrary code
outside its sandbox.
References
- https://bugs.mageia.org/show_bug.cgi?id=33119
- https://www.openwall.com/lists/oss-security/2024/04/18/5
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32462
Resolution
MGASA-2024-0229 - Updated flatpak packages fix security vulnerability
SRPMS
- 9/core/flatpak-1.14.6-1.mga9
Severity
Publication date: 20 Jun 2024
URL: https://advisories.mageia.org/MGASA-2024-0229.html
Type: security
CVE: CVE-2024-32462
