GNOME applet for NetworkManager: Arbitrary file read/write

GNOME applet for NetworkManager: Arbitrary file read/write A vulnerability has been found in GNOME applet for NetworkManager allowing local attackers to access the local filesystem. nm-applet 2017-07-08 2017-08-06 613768 local 1.4.6-r1 1.4.6-r1

GNOME applet for NetworkManager is a GTK+ 3 front-end which works under Xorg environments with a systray.

Frederic Bardy and Quentin Biguenet discovered that GNOME applet for NetworkManager incorrectly checked permissions when connecting to certain wireless networks.

A local attacker could bypass security restrictions at the login screen to access local files.

There is no known workaround at this time.

All GNOME applet for NetworkManager users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=gnome-extra/nm-applet-1.4.6-r1"

CVE-2017-6590 BlueKnight whissi