Red Hat Product Errata RHSA-2024:9915 - Security Advisory
Issued:
2024-11-19
Updated:
2024-11-19

RHSA-2024:9915 - Security Advisory

Synopsis

Moderate: gnome-shell security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for gnome-shell is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

GNOME Shell acts as a compositing manager for the desktop, and displays both application windows and other objects. It provides core interface functions like switching windows, launching applications, and notifications. It takes advantage of the capabilities of modern graphics hardware and introduces innovative user interface concepts.

Security Fix(es):

  • gnome-shell: code execution in portal helper (CVE-2024-36472)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x

Fixes

  • BZ - 2283750 - CVE-2024-36472 gnome-shell: code execution in portal helper

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
gnome-shell-40.10-19.el9_4.src.rpm SHA-256: 8e658d7237303126ba7d5b5db2b300ee7dbfefef4c0ef042bd06fce9c1e5e902
x86_64
gnome-shell-40.10-19.el9_4.x86_64.rpm SHA-256: 14335bc77f7a1a1f208f905df477648b422c38da4acf0ab275b31db6e549b56a
gnome-shell-debuginfo-40.10-19.el9_4.x86_64.rpm SHA-256: 55d5e0657c4dc449f0ddef2dd567096fb40f0b92bdae39f4a7697256e291240e
gnome-shell-debugsource-40.10-19.el9_4.x86_64.rpm SHA-256: 14f0c172acdcba23d820645f2e47a378e256b4be02dfa8675624bf0954437cf7

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
gnome-shell-40.10-19.el9_4.src.rpm SHA-256: 8e658d7237303126ba7d5b5db2b300ee7dbfefef4c0ef042bd06fce9c1e5e902
x86_64
gnome-shell-40.10-19.el9_4.x86_64.rpm SHA-256: 14335bc77f7a1a1f208f905df477648b422c38da4acf0ab275b31db6e549b56a
gnome-shell-debuginfo-40.10-19.el9_4.x86_64.rpm SHA-256: 55d5e0657c4dc449f0ddef2dd567096fb40f0b92bdae39f4a7697256e291240e
gnome-shell-debugsource-40.10-19.el9_4.x86_64.rpm SHA-256: 14f0c172acdcba23d820645f2e47a378e256b4be02dfa8675624bf0954437cf7

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
gnome-shell-40.10-19.el9_4.src.rpm SHA-256: 8e658d7237303126ba7d5b5db2b300ee7dbfefef4c0ef042bd06fce9c1e5e902
s390x
gnome-shell-40.10-19.el9_4.s390x.rpm SHA-256: e09bab8cf93cc42a2a4ac1d918d4cd7ee47a5e2983f1caf6269be0e29aebce25
gnome-shell-debuginfo-40.10-19.el9_4.s390x.rpm SHA-256: eebd56ca779ad5b16e1b249febc489bfc0a7d089342f7ce88b798e5e7290838d
gnome-shell-debugsource-40.10-19.el9_4.s390x.rpm SHA-256: a4dbeef5dc6843ab6c5ba04f26c80af65546bf56b054865564f2f631e0c20ad8

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
gnome-shell-40.10-19.el9_4.src.rpm SHA-256: 8e658d7237303126ba7d5b5db2b300ee7dbfefef4c0ef042bd06fce9c1e5e902
ppc64le
gnome-shell-40.10-19.el9_4.ppc64le.rpm SHA-256: 3df34585eaf754f3d28055929137a7dbdaab3375165bc7e3f81ef38aca3eaa7f
gnome-shell-debuginfo-40.10-19.el9_4.ppc64le.rpm SHA-256: 6cb475f00c3653b247712e6d37775e644d5b57cb5f5599bffe663e739fc5a310
gnome-shell-debugsource-40.10-19.el9_4.ppc64le.rpm SHA-256: a756220111183e722a2494ca57c6801d99ce9a595e6367539adff08c1c26b19f

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
gnome-shell-40.10-19.el9_4.src.rpm SHA-256: 8e658d7237303126ba7d5b5db2b300ee7dbfefef4c0ef042bd06fce9c1e5e902
aarch64
gnome-shell-40.10-19.el9_4.aarch64.rpm SHA-256: 34447eb27129a65da70bfc602f3c88a65d58ccc1d6de82b2582d529d76975987
gnome-shell-debuginfo-40.10-19.el9_4.aarch64.rpm SHA-256: 21bbc4c11b82dd60bb60f5e9b1e9fc99d7d06c29b2c8088d50ec27237dfebd18
gnome-shell-debugsource-40.10-19.el9_4.aarch64.rpm SHA-256: 5148a8ca15d4ce3c8a4067ef7c2d416225217b955a7f7005aa831cf442148b94

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
gnome-shell-40.10-19.el9_4.src.rpm SHA-256: 8e658d7237303126ba7d5b5db2b300ee7dbfefef4c0ef042bd06fce9c1e5e902
ppc64le
gnome-shell-40.10-19.el9_4.ppc64le.rpm SHA-256: 3df34585eaf754f3d28055929137a7dbdaab3375165bc7e3f81ef38aca3eaa7f
gnome-shell-debuginfo-40.10-19.el9_4.ppc64le.rpm SHA-256: 6cb475f00c3653b247712e6d37775e644d5b57cb5f5599bffe663e739fc5a310
gnome-shell-debugsource-40.10-19.el9_4.ppc64le.rpm SHA-256: a756220111183e722a2494ca57c6801d99ce9a595e6367539adff08c1c26b19f

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
gnome-shell-40.10-19.el9_4.src.rpm SHA-256: 8e658d7237303126ba7d5b5db2b300ee7dbfefef4c0ef042bd06fce9c1e5e902
x86_64
gnome-shell-40.10-19.el9_4.x86_64.rpm SHA-256: 14335bc77f7a1a1f208f905df477648b422c38da4acf0ab275b31db6e549b56a
gnome-shell-debuginfo-40.10-19.el9_4.x86_64.rpm SHA-256: 55d5e0657c4dc449f0ddef2dd567096fb40f0b92bdae39f4a7697256e291240e
gnome-shell-debugsource-40.10-19.el9_4.x86_64.rpm SHA-256: 14f0c172acdcba23d820645f2e47a378e256b4be02dfa8675624bf0954437cf7

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
gnome-shell-40.10-19.el9_4.src.rpm SHA-256: 8e658d7237303126ba7d5b5db2b300ee7dbfefef4c0ef042bd06fce9c1e5e902
aarch64
gnome-shell-40.10-19.el9_4.aarch64.rpm SHA-256: 34447eb27129a65da70bfc602f3c88a65d58ccc1d6de82b2582d529d76975987
gnome-shell-debuginfo-40.10-19.el9_4.aarch64.rpm SHA-256: 21bbc4c11b82dd60bb60f5e9b1e9fc99d7d06c29b2c8088d50ec27237dfebd18
gnome-shell-debugsource-40.10-19.el9_4.aarch64.rpm SHA-256: 5148a8ca15d4ce3c8a4067ef7c2d416225217b955a7f7005aa831cf442148b94

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
gnome-shell-40.10-19.el9_4.src.rpm SHA-256: 8e658d7237303126ba7d5b5db2b300ee7dbfefef4c0ef042bd06fce9c1e5e902
s390x
gnome-shell-40.10-19.el9_4.s390x.rpm SHA-256: e09bab8cf93cc42a2a4ac1d918d4cd7ee47a5e2983f1caf6269be0e29aebce25
gnome-shell-debuginfo-40.10-19.el9_4.s390x.rpm SHA-256: eebd56ca779ad5b16e1b249febc489bfc0a7d089342f7ce88b798e5e7290838d
gnome-shell-debugsource-40.10-19.el9_4.s390x.rpm SHA-256: a4dbeef5dc6843ab6c5ba04f26c80af65546bf56b054865564f2f631e0c20ad8

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4

SRPM
gnome-shell-40.10-19.el9_4.src.rpm SHA-256: 8e658d7237303126ba7d5b5db2b300ee7dbfefef4c0ef042bd06fce9c1e5e902
x86_64
gnome-shell-40.10-19.el9_4.x86_64.rpm SHA-256: 14335bc77f7a1a1f208f905df477648b422c38da4acf0ab275b31db6e549b56a
gnome-shell-debuginfo-40.10-19.el9_4.x86_64.rpm SHA-256: 55d5e0657c4dc449f0ddef2dd567096fb40f0b92bdae39f4a7697256e291240e
gnome-shell-debugsource-40.10-19.el9_4.x86_64.rpm SHA-256: 14f0c172acdcba23d820645f2e47a378e256b4be02dfa8675624bf0954437cf7

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4

SRPM
gnome-shell-40.10-19.el9_4.src.rpm SHA-256: 8e658d7237303126ba7d5b5db2b300ee7dbfefef4c0ef042bd06fce9c1e5e902
aarch64
gnome-shell-40.10-19.el9_4.aarch64.rpm SHA-256: 34447eb27129a65da70bfc602f3c88a65d58ccc1d6de82b2582d529d76975987
gnome-shell-debuginfo-40.10-19.el9_4.aarch64.rpm SHA-256: 21bbc4c11b82dd60bb60f5e9b1e9fc99d7d06c29b2c8088d50ec27237dfebd18
gnome-shell-debugsource-40.10-19.el9_4.aarch64.rpm SHA-256: 5148a8ca15d4ce3c8a4067ef7c2d416225217b955a7f7005aa831cf442148b94

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4

SRPM
gnome-shell-40.10-19.el9_4.src.rpm SHA-256: 8e658d7237303126ba7d5b5db2b300ee7dbfefef4c0ef042bd06fce9c1e5e902
ppc64le
gnome-shell-40.10-19.el9_4.ppc64le.rpm SHA-256: 3df34585eaf754f3d28055929137a7dbdaab3375165bc7e3f81ef38aca3eaa7f
gnome-shell-debuginfo-40.10-19.el9_4.ppc64le.rpm SHA-256: 6cb475f00c3653b247712e6d37775e644d5b57cb5f5599bffe663e739fc5a310
gnome-shell-debugsource-40.10-19.el9_4.ppc64le.rpm SHA-256: a756220111183e722a2494ca57c6801d99ce9a595e6367539adff08c1c26b19f

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4

SRPM
gnome-shell-40.10-19.el9_4.src.rpm SHA-256: 8e658d7237303126ba7d5b5db2b300ee7dbfefef4c0ef042bd06fce9c1e5e902
s390x
gnome-shell-40.10-19.el9_4.s390x.rpm SHA-256: e09bab8cf93cc42a2a4ac1d918d4cd7ee47a5e2983f1caf6269be0e29aebce25
gnome-shell-debuginfo-40.10-19.el9_4.s390x.rpm SHA-256: eebd56ca779ad5b16e1b249febc489bfc0a7d089342f7ce88b798e5e7290838d
gnome-shell-debugsource-40.10-19.el9_4.s390x.rpm SHA-256: a4dbeef5dc6843ab6c5ba04f26c80af65546bf56b054865564f2f631e0c20ad8

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.