Language Selection

English French German Italian Portuguese Spanish

KDE KDM Vulnerability Elevation of Privilage

Filed under
KDE
Security

Sebastian Krahmer from the SUSE Security team has found a vulnerability in KDM which will allow a local user to elevate their privileges to root access. You can see more about vulnerability and install the fix below, although I expect all distributions to already have the fix applied, or to have it applied very shortly.

1. Systems affected:
KDM as shipped with KDE SC 2.2.0 up to including KDE SC 4.4.2

2. Overview:
KDM contains a race condition that allows local attackers to
make arbitrary files on the system world-writeable. This can
happen while KDM tries to create its control socket during
user login. This vulnerability has been discovered by
Sebastian Krahmer from the SUSE Security Team.

3. Impact:




More in Tux Machines

Blackmagic on GNU/Linux

  • Blackmagic Design Announces Fusion 8.2 is now available on Linux free of charge
    Blackmagic Design today announced that Fusion visual effects software is now available on the Linux platform. Linux is extremely popular in the world's leading visual effects production companies and this new Linux release is a major announcement for the visual effects industry. This new Linux version of Fusion and Fusion Studio means visual effects artists can select their preferred computing platform, as Fusion is now available on Mac OS X, Windows, and Linux. All project files are common, so customers can work collaboratively, even when different artists are running different platforms on the same job.
  • Blackmagic Puts Fusion 8.2 on Linux, Updates Duplicator
    Blackmagic Design released a pair of announcements, the first revealing that Fusion visual effects software is now available on the Linux platform, and second that it has release version 1.0.2 of Duplicator.
  • Blackmagic Design Announces Blackmagic Duplicator 1.0.2 Update

Remix OS and Chuwi

Ubuntu Touch OTA-12 Launches Today with Biometric Authentication for Meizu PRO 5

Today, July 27, 2016, Canonical will unveil the 12th Over-the-Air (OTA) software update for its Ubuntu mobile operating system that runs on supported Ubuntu Phone and Ubuntu Tablet devices. Read more

CORD open-source project