Language Selection

English French German Italian Portuguese Spanish

KDE DCop DoS Vulnerability prior to 3.4

Filed under
KDE
Security

Sebastian Krahmer has reported a vulnerability in KDE, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the authentication process in the DCOP (Desktop Communication Protocol) daemon dcopserver. This can be exploited to lock the dcopserver for arbitrary local users. Successful exploitation may result in decreased desktop functionality for the affected user.

The vulnerability has been reported in versions prior to 3.4.

Solution: Upgrade to KDE 3.4 or apply patch.

Click for more information and links to patches.

Original information on dot.kde.org.

More in Tux Machines

Linux Devices

Tanglu 4 "Dasyatis Kuhlii" Enters Beta, Ships with Linux Kernel 4.6 & GNOME 3.20

Matthias Klumpp informs the community about the availability of the first Beta build towards the Tanglu 4 "Dasyatis Kuhlii" GNU/Linux operating system, due for release later this year. Tanglu 4 "Dasyatis Kuhlii" Beta is distributed with the usual flavors, including with the KDE and GNOME desktop environments. A Core edition is available as well, designed for those who want to build their own Tanglu-based GNU/Linux distribution. Under the hood, all Tanglu 4 Beta editions are powered by a kernel from the Linux 4.6 series, along with the systemd 229 init system, but each one incorporates some of the latest open-source technologies that correspond to their user base. Read more

Parabola GNU/Linux New install medium 2016.07.27

Dual architecture (i686 and x86_64): Main ISO - Live ISO image for installation and recovery. MATE desktop ISO - Live ISO image for installation and recovery (with MATE Desktop Environment). TalkingParabola ISO - Live ISO image for installation and recovery (adapted for blind and visually impaired users) Read more

Linux Graphics