CVE-2024-33904 Information

Description

In plugins/HookSystem.cpp in Hyprland through 0.39.1 (before 28c8561) through a race condition a local attacker can cause execution of arbitrary assembly code by writing to a predictable temporary file.

Reference

https://www.openwall.com/lists/oss-security/2024/04/28/3 https://github.com/hyprwm/Hyprland/issues/5787 https://github.com/hyprwm/Hyprland/commit/28c85619243e6320e75d7abcfe8244fa99d054dd