Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2024:3963 - Security Advisory
Issued:
2024-06-17
Updated:
2024-06-17

RHSA-2024:3963 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: flatpak security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for flatpak is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.

Security Fix(es):

  • flatpak: sandbox escape via RequestBackground portal (CVE-2024-32462)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64

Fixes

  • BZ - 2275981 - CVE-2024-32462 flatpak: sandbox escape via RequestBackground portal

CVEs

  • CVE-2024-32462

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4

SRPM
flatpak-1.8.5-5.el8_4.src.rpm SHA-256: f119a5554bde0701908130458ca926444a6f5899a217a37597b88d53b4567bb7
x86_64
flatpak-1.8.5-5.el8_4.x86_64.rpm SHA-256: 31df0ba3a38f359ba13987485395ec4f69ec2f87483a10d09ebc559d8a5ad3a2
flatpak-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: b0e7f476229fece608ad34067d5b27a677c9b93051388c2ecbf89c1662233683
flatpak-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: 6647b425be3460893781f1463c8eb49d1faf5907e0b2daedd59aa2c99d117f24
flatpak-debugsource-1.8.5-5.el8_4.i686.rpm SHA-256: 289efe5fe9a1507089a0d079096ad546e00e114ce178556c25a6719e13d2fa14
flatpak-debugsource-1.8.5-5.el8_4.x86_64.rpm SHA-256: 9fa86e6c2fef9b2c3655b562056c6f6437f6e574aab19de0b9a907e31390af4d
flatpak-libs-1.8.5-5.el8_4.i686.rpm SHA-256: 0ecefecad13b43cf2ae8ddf311cef2971bcccaddb131c8cde49f932207cc74a5
flatpak-libs-1.8.5-5.el8_4.x86_64.rpm SHA-256: 3d5519f711cbc6ec2c416157fdca606e8a2c546f5c56c5a6fe8789803f9adc90
flatpak-libs-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: ba71adaefaf1f801c867a2b554c5d75407cc5e2c3b5017c1384b140469b7cafe
flatpak-libs-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: fb73c779ed3130589b6b59a729f2e6d0357d089bed1a0173f224a6617ae25617
flatpak-selinux-1.8.5-5.el8_4.noarch.rpm SHA-256: e117be17762f40ec1945bb54b1ea9e281e9f4e4335c1918ada0735f9a2b808e2
flatpak-session-helper-1.8.5-5.el8_4.x86_64.rpm SHA-256: 391f3188f9b93b940d9a0998c6fd9dcb1e20b468a26cc35bc2d32b6840fe9cef
flatpak-session-helper-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: 4bdb92b7f49b3305c2fafd9f79a80406cc4aa8399184f745060205766f6e9ae8
flatpak-session-helper-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: 2518e97cc042305260577ca0c76973fb515dd17f25ccaf53250b2c0d9e3909a8
flatpak-tests-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: 0fd4d7bc10e1c720375b37fbe1866b5b0de1ee21e7e61b71a76c5bd50a307685
flatpak-tests-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: 1796864a597cbad26c145c7048229d55ef6aa3668169bae618b553feb1f8f251

Red Hat Enterprise Linux Server - AUS 8.4

SRPM
flatpak-1.8.5-5.el8_4.src.rpm SHA-256: f119a5554bde0701908130458ca926444a6f5899a217a37597b88d53b4567bb7
x86_64
flatpak-1.8.5-5.el8_4.x86_64.rpm SHA-256: 31df0ba3a38f359ba13987485395ec4f69ec2f87483a10d09ebc559d8a5ad3a2
flatpak-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: b0e7f476229fece608ad34067d5b27a677c9b93051388c2ecbf89c1662233683
flatpak-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: 6647b425be3460893781f1463c8eb49d1faf5907e0b2daedd59aa2c99d117f24
flatpak-debugsource-1.8.5-5.el8_4.i686.rpm SHA-256: 289efe5fe9a1507089a0d079096ad546e00e114ce178556c25a6719e13d2fa14
flatpak-debugsource-1.8.5-5.el8_4.x86_64.rpm SHA-256: 9fa86e6c2fef9b2c3655b562056c6f6437f6e574aab19de0b9a907e31390af4d
flatpak-libs-1.8.5-5.el8_4.i686.rpm SHA-256: 0ecefecad13b43cf2ae8ddf311cef2971bcccaddb131c8cde49f932207cc74a5
flatpak-libs-1.8.5-5.el8_4.x86_64.rpm SHA-256: 3d5519f711cbc6ec2c416157fdca606e8a2c546f5c56c5a6fe8789803f9adc90
flatpak-libs-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: ba71adaefaf1f801c867a2b554c5d75407cc5e2c3b5017c1384b140469b7cafe
flatpak-libs-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: fb73c779ed3130589b6b59a729f2e6d0357d089bed1a0173f224a6617ae25617
flatpak-selinux-1.8.5-5.el8_4.noarch.rpm SHA-256: e117be17762f40ec1945bb54b1ea9e281e9f4e4335c1918ada0735f9a2b808e2
flatpak-session-helper-1.8.5-5.el8_4.x86_64.rpm SHA-256: 391f3188f9b93b940d9a0998c6fd9dcb1e20b468a26cc35bc2d32b6840fe9cef
flatpak-session-helper-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: 4bdb92b7f49b3305c2fafd9f79a80406cc4aa8399184f745060205766f6e9ae8
flatpak-session-helper-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: 2518e97cc042305260577ca0c76973fb515dd17f25ccaf53250b2c0d9e3909a8
flatpak-tests-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: 0fd4d7bc10e1c720375b37fbe1866b5b0de1ee21e7e61b71a76c5bd50a307685
flatpak-tests-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: 1796864a597cbad26c145c7048229d55ef6aa3668169bae618b553feb1f8f251

Red Hat Enterprise Linux Server - TUS 8.4

SRPM
flatpak-1.8.5-5.el8_4.src.rpm SHA-256: f119a5554bde0701908130458ca926444a6f5899a217a37597b88d53b4567bb7
x86_64
flatpak-1.8.5-5.el8_4.x86_64.rpm SHA-256: 31df0ba3a38f359ba13987485395ec4f69ec2f87483a10d09ebc559d8a5ad3a2
flatpak-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: b0e7f476229fece608ad34067d5b27a677c9b93051388c2ecbf89c1662233683
flatpak-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: 6647b425be3460893781f1463c8eb49d1faf5907e0b2daedd59aa2c99d117f24
flatpak-debugsource-1.8.5-5.el8_4.i686.rpm SHA-256: 289efe5fe9a1507089a0d079096ad546e00e114ce178556c25a6719e13d2fa14
flatpak-debugsource-1.8.5-5.el8_4.x86_64.rpm SHA-256: 9fa86e6c2fef9b2c3655b562056c6f6437f6e574aab19de0b9a907e31390af4d
flatpak-libs-1.8.5-5.el8_4.i686.rpm SHA-256: 0ecefecad13b43cf2ae8ddf311cef2971bcccaddb131c8cde49f932207cc74a5
flatpak-libs-1.8.5-5.el8_4.x86_64.rpm SHA-256: 3d5519f711cbc6ec2c416157fdca606e8a2c546f5c56c5a6fe8789803f9adc90
flatpak-libs-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: ba71adaefaf1f801c867a2b554c5d75407cc5e2c3b5017c1384b140469b7cafe
flatpak-libs-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: fb73c779ed3130589b6b59a729f2e6d0357d089bed1a0173f224a6617ae25617
flatpak-selinux-1.8.5-5.el8_4.noarch.rpm SHA-256: e117be17762f40ec1945bb54b1ea9e281e9f4e4335c1918ada0735f9a2b808e2
flatpak-session-helper-1.8.5-5.el8_4.x86_64.rpm SHA-256: 391f3188f9b93b940d9a0998c6fd9dcb1e20b468a26cc35bc2d32b6840fe9cef
flatpak-session-helper-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: 4bdb92b7f49b3305c2fafd9f79a80406cc4aa8399184f745060205766f6e9ae8
flatpak-session-helper-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: 2518e97cc042305260577ca0c76973fb515dd17f25ccaf53250b2c0d9e3909a8
flatpak-tests-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: 0fd4d7bc10e1c720375b37fbe1866b5b0de1ee21e7e61b71a76c5bd50a307685
flatpak-tests-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: 1796864a597cbad26c145c7048229d55ef6aa3668169bae618b553feb1f8f251

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4

SRPM
flatpak-1.8.5-5.el8_4.src.rpm SHA-256: f119a5554bde0701908130458ca926444a6f5899a217a37597b88d53b4567bb7
ppc64le
flatpak-1.8.5-5.el8_4.ppc64le.rpm SHA-256: 2fb398add39d3f6ab2fe7c7af948f035fb1b2df423800ebc9a2dff82695b1490
flatpak-debuginfo-1.8.5-5.el8_4.ppc64le.rpm SHA-256: 494c5e741add5791b5e6b478c0be211270209cb787afdcec07968e3f7405a693
flatpak-debugsource-1.8.5-5.el8_4.ppc64le.rpm SHA-256: ee9b7152ba33a7864972a395b069a27d2a7999251c39aa7d4fe16b250657f615
flatpak-libs-1.8.5-5.el8_4.ppc64le.rpm SHA-256: 183b089afdc1badec2f51bc0dbcde3f3216f3a29af839fcb64c645de3b058a8d
flatpak-libs-debuginfo-1.8.5-5.el8_4.ppc64le.rpm SHA-256: 5486e6f6b4e6b334719a4705c0bd3370d49dcdf3588d0253234a0b63cd576faf
flatpak-selinux-1.8.5-5.el8_4.noarch.rpm SHA-256: e117be17762f40ec1945bb54b1ea9e281e9f4e4335c1918ada0735f9a2b808e2
flatpak-session-helper-1.8.5-5.el8_4.ppc64le.rpm SHA-256: 44adf3267e3bb51ed90d38edbbf345c2f96af609392b7460cc9b061e6a322830
flatpak-session-helper-debuginfo-1.8.5-5.el8_4.ppc64le.rpm SHA-256: 0ebab65b386d1361b097081546948057bc01adb98b597558cc7bb7156a9dae69
flatpak-tests-debuginfo-1.8.5-5.el8_4.ppc64le.rpm SHA-256: 0efd45c54780872c8dd2575423f45888a510ce087785c16f55a47dbfb676bd24

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4

SRPM
flatpak-1.8.5-5.el8_4.src.rpm SHA-256: f119a5554bde0701908130458ca926444a6f5899a217a37597b88d53b4567bb7
x86_64
flatpak-1.8.5-5.el8_4.x86_64.rpm SHA-256: 31df0ba3a38f359ba13987485395ec4f69ec2f87483a10d09ebc559d8a5ad3a2
flatpak-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: b0e7f476229fece608ad34067d5b27a677c9b93051388c2ecbf89c1662233683
flatpak-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: 6647b425be3460893781f1463c8eb49d1faf5907e0b2daedd59aa2c99d117f24
flatpak-debugsource-1.8.5-5.el8_4.i686.rpm SHA-256: 289efe5fe9a1507089a0d079096ad546e00e114ce178556c25a6719e13d2fa14
flatpak-debugsource-1.8.5-5.el8_4.x86_64.rpm SHA-256: 9fa86e6c2fef9b2c3655b562056c6f6437f6e574aab19de0b9a907e31390af4d
flatpak-libs-1.8.5-5.el8_4.i686.rpm SHA-256: 0ecefecad13b43cf2ae8ddf311cef2971bcccaddb131c8cde49f932207cc74a5
flatpak-libs-1.8.5-5.el8_4.x86_64.rpm SHA-256: 3d5519f711cbc6ec2c416157fdca606e8a2c546f5c56c5a6fe8789803f9adc90
flatpak-libs-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: ba71adaefaf1f801c867a2b554c5d75407cc5e2c3b5017c1384b140469b7cafe
flatpak-libs-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: fb73c779ed3130589b6b59a729f2e6d0357d089bed1a0173f224a6617ae25617
flatpak-selinux-1.8.5-5.el8_4.noarch.rpm SHA-256: e117be17762f40ec1945bb54b1ea9e281e9f4e4335c1918ada0735f9a2b808e2
flatpak-session-helper-1.8.5-5.el8_4.x86_64.rpm SHA-256: 391f3188f9b93b940d9a0998c6fd9dcb1e20b468a26cc35bc2d32b6840fe9cef
flatpak-session-helper-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: 4bdb92b7f49b3305c2fafd9f79a80406cc4aa8399184f745060205766f6e9ae8
flatpak-session-helper-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: 2518e97cc042305260577ca0c76973fb515dd17f25ccaf53250b2c0d9e3909a8
flatpak-tests-debuginfo-1.8.5-5.el8_4.i686.rpm SHA-256: 0fd4d7bc10e1c720375b37fbe1866b5b0de1ee21e7e61b71a76c5bd50a307685
flatpak-tests-debuginfo-1.8.5-5.el8_4.x86_64.rpm SHA-256: 1796864a597cbad26c145c7048229d55ef6aa3668169bae618b553feb1f8f251

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility