CVE-2023-43091 – CVE-2023-43091 is a critical code injection vul... (How to Fix)

Q: What is the severity of CVE-2023-43091?

CVE-2023-43091 has a CVSS score of 9.8 (CRITICAL). CVE-2023-43091 is a critical code injection vulnerability in GNOME Maps that allows arbitrary code execution via malicious service.json configuration files. This affects all GNOME Maps users who open or process untrusted configuration files. Attackers can achieve remote code execution with high privileges.

📋 TL;DR

CVE-2023-43091 is a critical code injection vulnerability in GNOME Maps that allows arbitrary code execution via malicious service.json configuration files. This affects all GNOME Maps users who open or process untrusted configuration files. Attackers can achieve remote code execution with high privileges.

💻 Affected Systems

Products:

GNOME Maps

Versions: All versions before commit d26cd774d524404ef7784e6808f551de83de4bea

Operating Systems: Linux distributions with GNOME desktop environment

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in the service.json parsing functionality; any user who can modify or supply this file can trigger the vulnerability.

📦 What is this software?

Gnome Maps by Gnome

View all CVEs affecting Gnome Maps →

Gnome Maps by Gnome

View all CVEs affecting Gnome Maps →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with attacker gaining the same privileges as the GNOME Maps user, potentially leading to data theft, ransomware deployment, or lateral movement.

🟠

Likely Case

Local privilege escalation or remote code execution when users open malicious configuration files, leading to malware installation or data exfiltration.

🟢

If Mitigated

Limited impact with proper file permissions and user awareness, potentially only affecting isolated user sessions.

🌐 Internet-Facing: MEDIUM - While the vulnerability requires user interaction with malicious files, these could be delivered via web downloads or email attachments.

🏢 Internal Only: HIGH - Internal users could be tricked into opening malicious configuration files, leading to lateral movement within the network.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires the victim to open a malicious service.json file; no authentication bypass needed beyond file access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version containing commit d26cd774d524404ef7784e6808f551de83de4bea

Vendor Advisory: https://bugzilla.redhat.com/show_bug.cgi?id=2239091

Restart Required: No

Instructions:

1. Update GNOME Maps through your distribution's package manager. 2. For source installations, apply commit d26cd774d524404ef7784e6808f551de83de4bea. 3. Verify the fix by checking the version.

🔧 Temporary Workarounds

Restrict service.json file permissions

linux

Set strict file permissions on service.json to prevent unauthorized modifications

chmod 644 /path/to/service.json
chown root:root /path/to/service.json

Disable GNOME Maps

linux

Temporarily disable or remove GNOME Maps if not needed

sudo apt remove gnome-maps
sudo yum remove gnome-maps

🧯 If You Can't Patch

Implement strict file integrity monitoring on service.json files
Educate users about the risks of opening untrusted configuration files

🔍 How to Verify

Check if Vulnerable:

Check if GNOME Maps version predates commit d26cd774d524404ef7784e6808f551de83de4bea

Check Version:

gnome-maps --version

Verify Fix Applied:

Verify the installed version includes the security patch or check for the specific commit hash

📡 Detection & Monitoring

Log Indicators:

Unusual process execution from GNOME Maps
Modifications to service.json file

Network Indicators:

Outbound connections from GNOME Maps to unexpected destinations

SIEM Query:

process_name:"gnome-maps" AND (process_execution OR file_modification:service.json)

📊 Metadata

CVE ID: CVE-2023-43091

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-79

Published: November 17, 2024

Last Updated: August 6, 2025

🔗 References

https://bugzilla.redhat.com/show_bug.cgi?id=2239091 Issue Tracking,Third Party Advisory
https://gitlab.gnome.org/GNOME/gnome-maps/-/commit/d26cd774d524404ef7784e6808f551de83de4bea Patch
https://gitlab.gnome.org/GNOME/gnome-maps/-/issues/588 Exploit,Issue Tracking

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-43091, you might also want to check these: