CVE-2024-36472 Information

Description

In GNOME Shell through 45.7 a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g. an adversary who controls the local Wi-Fi network) and subsequently loads untrusted JavaScript code which may lead to resource consumption or other impacts depending on the JavaScript code’s behavior.

Reference

https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/7688