Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAP_SYS_NICE is currently implemented and eventually load code to increase its process scheduler priority leading to possible DoS of other services running in the same machine.
Created gnome-shell tracking bugs for this issue: Affects: fedora-all [bug 2026996]
Closing this bug as NOTABUG as any RHEL version is really affected by this.
Why did it take 5 months for this CVE to be made public? The only upstream reference in the CVE for this issue was closed as a duplicate. Please add these as references: https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2284 https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/2060