github.blog

Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641) (github.blog)

Today, in coordination with Ilya Lipnitskiy (the maintainer of libcue) and the distros mailing list, the GitHub Security Lab is disclosing CVE-2023-43641, a memory corruption vulnerability in libcue. We have also sent a text-only version of this blog post to the oss-security list....

  • All
  • Subscribed
  • Moderated
  • Favorites
  • localhost
  • All magazines
    •
    200 @ domain_entries
    HTTP status 200 OK
    Controller DomainFrontController
    Route name domain_entries
    Has session yes
    Stateless Check no
    Time 986 ms
    Total time 986 ms
    Initialization time 205 ms
    Memory 12.0 MiB
    Peak memory usage 12.0 MiB
    PHP memory limit 128 MiB
    Logger 87
    Errors 0
    Warnings 0
    Deprecations 87
    Cache 32 in 257.42 ms
    Cache Calls 32
    Total time 257.42 ms
    Cache hits 26 / 39 (66.67%)
    Cache writes 7
    2
    Default locale en
    Missing messages 2
    Fallback messages 0
    Defined messages 121
    Security n/a
    Authenticated No
    Firewall name main
    Twig 526 ms
    Entry View domain/front.html.twig
    Render Time 526 ms
    Template Calls 61
    Block Calls 16
    Macro Calls 0
    37 in 332 ms
    settings_row_switch 15
    user_settings_row_switch 4
    settings_row_enum 2
    entry 1
    user_inline 1
    date 1
    date_edited 1
    magazine_inline 1
    vote 1
    boost 1
    domain 1
    domain_sub 1
    related_magazines 1
    active_users 1
    related_categories 1
    related_posts 1
    related_entries 1
    support_us_block 1
    featured_magazines 1
    5 in 51.36 ms
    Database Queries 5
    Different statements 5
    Query time 51.36 ms
    Invalid entities 0
    Cache hits 19
    Cache misses 3
    Cache puts 4
    6.4.0
    Profiler token af9ccb
    Environment dev
    Debug enabled
    PHP version 8.2.26   View phpinfo()
    PHP Extensions Xdebug ✗ APCu ✓ OPcache ✓
    PHP SAPI apache2handler
    Resources Read Symfony 6.4.0 Docs
    Help Symfony Support Channels