
Cloud Vulnerability DB
A community-led vulnerabilities database
A critical vulnerability (CVE-2024-5148) was discovered in GNOME Remote Desktop versions 46.0 and 46.1. The vulnerability stems from inadequate validation of session agents in the D-Bus methods used to transition a client connection from the login screen to the user session. This flaw affects the gnome-remote-desktop system daemon, which was introduced in version 46 to enable remote graphical sessions through the GNOME Display Manager (GDM) (SecurityOnline, NVD).
The vulnerability exists in an unauthenticated D-Bus interface, which allows any local user to interact with sensitive system functions. Specifically, the 'Dispatcher' and 'Handover' D-Bus interfaces are not properly authorized and are accessible to every local user on the system. The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (RedHat).
The vulnerability has several security consequences: exposure of the system RDP TLS certificate and private key to unauthorized users, leakage of system credentials in cleartext, and potential hijacking of RDP client connections during the login screen-to-user session transition. This compromises the integrity and privacy of RDP connections on affected systems (SecurityOnline).
Organizations and individuals using GNOME Remote Desktop versions 46.0 or 46.1 are strongly advised to update to version 46.2 or later. The bug fix in version 46.2 restricts access to the handover interface to authorized users only, mitigating the risk of unauthorized access. The fix is implemented through commit 9fbaae1a, which ensures that only the user for whom a new session has been created can call the handover interface (SecurityOnline).
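As an added illustration (not code from gnome-remote-desktop or from commit 9fbaae1a), the following Python model contrasts a handover method that hands session material to any local D-Bus caller with one that, as the 46.2 fix is described above, only serves the user the session was created for. The session ids, UIDs and credential placeholders are constructed; the caller UID stands in for what the bus daemon reports about the calling connection.

```python
import logging
from dataclasses import dataclass, field

log = logging.getLogger("grd-handover-model")


@dataclass
class Session:
    """A pending login-screen-to-user-session handover (constructed model)."""
    session_id: str
    owner_uid: int          # user the new session was created for
    rdp_cert_pem: str       # placeholders standing in for the real TLS material
    rdp_key_pem: str
    rdp_password: str


@dataclass
class HandoverDispatcher:
    sessions: dict = field(default_factory=dict)

    def register(self, session: Session) -> None:
        self.sessions[session.session_id] = session

    def take_client_unauthenticated(self, caller_uid: int, session_id: str) -> dict:
        """Vulnerable shape (46.0/46.1 as described): caller_uid is never checked."""
        s = self.sessions[session_id]
        return {"cert": s.rdp_cert_pem, "key": s.rdp_key_pem, "password": s.rdp_password}

    def take_client(self, caller_uid: int, session_id: str) -> dict:
        """Fixed shape (46.2 as described): only the session owner may take the client.
        On a real bus, caller_uid would come from org.freedesktop.DBus.GetConnectionUnixUser."""
        s = self.sessions.get(session_id)
        if s is None:
            raise KeyError(f"unknown session {session_id}")
        if caller_uid != s.owner_uid:
            # Denied attempts are worth logging: they are a detection signal for local probing.
            log.warning("handover denied: uid %d is not owner %d of %s",
                        caller_uid, s.owner_uid, session_id)
            raise PermissionError("caller is not the user this session was created for")
        return {"cert": s.rdp_cert_pem, "key": s.rdp_key_pem, "password": s.rdp_password}


def demo() -> tuple:
    """Returns (unrelated user gets material from weak method, fixed method denies them, owner still served)."""
    d = HandoverDispatcher()
    d.register(Session("sess-1", 1000, "CERT-PLACEHOLDER", "KEY-PLACEHOLDER", "PW-PLACEHOLDER"))
    leaked = d.take_client_unauthenticated(1001, "sess-1")     # uid 1001 is an unrelated local user
    try:
        d.take_client(1001, "sess-1")
        denied = False
    except PermissionError:
        denied = True
    owner_ok = d.take_client(1000, "sess-1")["password"] == "PW-PLACEHOLDER"
    return leaked["key"] == "KEY-PLACEHOLDER", denied, owner_ok
```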
Source: This report was generated using AI