vulnerability

SUSE: CVE-2024-38394: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	Jun 16, 2024	Jun 24, 2024	Dec 5, 2025

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Jun 16, 2024

Added

Jun 24, 2024

Modified

Dec 5, 2025

Description

Mismatches in interpreting USB authorization policy between GNOME Settings Daemon (GSD) through 46.0 and the Linux kernel's underlying device matching logic allow a physically proximate attacker to access some unintended Linux kernel USB functionality, such as USB device-specific kernel modules and filesystem implementations. NOTE: the GSD supplier indicates that consideration of a mitigation for this within GSD would be in the context of "a new feature, not a CVE."

Solutions

suse-upgrade-gnome-settings-daemonsuse-upgrade-gnome-settings-daemon-develsuse-upgrade-gnome-settings-daemon-lang

References

CVE-2024-38394
https://attackerkb.com/topics/CVE-2024-38394

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today