Language Selection

English French German Italian Portuguese Spanish

KDE DCop DoS Vulnerability prior to 3.4

Filed under
KDE
Security

Sebastian Krahmer has reported a vulnerability in KDE, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the authentication process in the DCOP (Desktop Communication Protocol) daemon dcopserver. This can be exploited to lock the dcopserver for arbitrary local users. Successful exploitation may result in decreased desktop functionality for the affected user.

The vulnerability has been reported in versions prior to 3.4.

Solution: Upgrade to KDE 3.4 or apply patch.

Click for more information and links to patches.

Original information on dot.kde.org.

More in Tux Machines

GNOME Control Center 3.22 to Update the Keyboard Settings, Improve Networking

The upcoming GNOME 3.22 desktop environment is still in the works, and a first Beta build was seeded to public beta testers last week, bringing multiple enhancements and new features to most of its core components and apps. While GNOME 3.22 Beta was announced on August 22, it appears that the maintainers of certain core packages needed a little more time to work on various improvements and polish their applications before they were suitable for public testing. And this is the case of GNOME Control Center, which was recently updated to version 3.21.90, which means 3.22 Beta. Read more

today's howtos

OpenShot 2.1

Canonical Releases Snapd 2.13 Snappy Tool for Ubuntu 16.04 and Fedora 24 (COPR)

Canonical's Michael Vogt has been happy to announce the release and immediate availability of a new maintenance update of the Snapd daemon that implements support for Snap universal binary packages in GNU/Linux distributions. Read more Also: