Bug 2088691 (CVE-2022-1736) - CVE-2022-1736 gnome-control-center: GNOME Settings could allow unintended access to network services.
Summary: CVE-2022-1736 gnome-control-center: GNOME Settings could allow unintended acc...
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2022-1736
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2090743 2090746 2090747
Blocks: 2088692
TreeView+ depends on / blocked
 
Reported: 2022-05-20 05:42 UTC by Avinash Hanwate
Modified: 2022-05-31 09:30 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in Gnome Control Center. When turning off RDP Remote Desktop Sharing with gnome-control-center, it would only turn off RDP sharing for the current session. RDP Sharing was enabled again without any additional user interaction or notification upon logging back in.
Clone Of:
Environment:
Last Closed: 2022-05-30 10:51:34 UTC
Embargoed:

Attachments (Terms of Use)

Description Avinash Hanwate 2022-05-20 05:42:11 UTC 
It was discovered that GNOME Settings incorrectly handled the remote desktop sharing configuration. When turning off desktop sharing, it may be
turned on again after rebooting, contrary to expectations.

References:
  https://ubuntu.com/security/notices/USN-5430-1
  https://launchpad.net/ubuntu/+source/gnome-control-center/1:41.4-1ubuntu13.2
Comment 1 Sandipan Roy 2022-05-26 13:18:14 UTC 
https://gitlab.gnome.org/GNOME/gnome-control-center/-/issues/1825
https://bugs.launchpad.net/ubuntu/+source/gnome-control-center/+bug/1971415
Comment 2 Sandipan Roy 2022-05-26 13:21:18 UTC 
Created gnome-control-center tracking bugs for this issue:

Affects: fedora-all [bug 2090743]
Note You need to log in before you can comment on or make changes to this bug.