
nautilus: CVE-2022-37290

Open CamberLoid opened this issue 1 year ago • 0 comments

CVE IDs

CVE-2022-37290

Other security advisory IDs

  • Ubuntu: https://ubuntu.com/security/notices/USN-5786-1

Description

GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive. See also:

  • https://gitlab.gnome.org/GNOME/nautilus/-/issues/2376
  • https://gitlab.gnome.org/GNOME/nautilus/-/merge_requests/1001

Patches

  • https://gitlab.gnome.org/GNOME/nautilus/-/commit/75992c6797094413a546c5b4867b13450b2a1959
  • Or, update to 43.x, which may require updating all of GNOME to 43

PoC(s)

N/A

Notes

This is a CVE with low severity. Processing of this will be squashed into the upcoming Roll-up topic.

CamberLoid, Jun 14 '23 07:06