A new security flaw has been disclosed in the libcue library impacting GNOME Linux systems that could be exploited to achieve remote code execution (RCE) on affected hosts.
Tracked as CVE-2023-43641 (CVSS score: 8.8), the issue is described as a case of memory corruption in libcue, a library designed for parsing cue sheet files. It impacts versions 2.2.1 and prior.
libcue is incorporated into Tracker Miners, a search engine tool that's included by default in GNOME and indexes files in the system for easy access.
![[correlate]](/data/avatars/m/79/79653.jpg?1556985072){kind=avatar}
thehackernews.com
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}
