Language Selection

English French German Italian Portuguese Spanish

KDE KDM Vulnerability Elevation of Privilage

Filed under
KDE
Security

Sebastian Krahmer from the SUSE Security team has found a vulnerability in KDM which will allow a local user to elevate their privileges to root access. You can see more about vulnerability and install the fix below, although I expect all distributions to already have the fix applied, or to have it applied very shortly.

1. Systems affected:
KDM as shipped with KDE SC 2.2.0 up to including KDE SC 4.4.2

2. Overview:
KDM contains a race condition that allows local attackers to
make arbitrary files on the system world-writeable. This can
happen while KDM tries to create its control socket during
user login. This vulnerability has been discovered by
Sebastian Krahmer from the SUSE Security Team.

3. Impact:




More in Tux Machines

Xubuntu 15.04: quick screenshot tour

The 23rd of April 2015 was the date when Canonical released the set of their new operating systems: Ubuntu 15.04 family. It includes Ubuntu itself, Ubuntu MATE and GNOME editions, Kubuntu, Xubuntu, Lubuntu and so on. Read more

Another Surprise: Mageia 5 RC is available!

I don't know why DistroWatch seemed to have missed it, but Mageia 5 RC is available for download. Read more

Another Surprise: Mageia 5 RC is available!

I don't know why DistroWatch seemed to have missed it, but Mageia 5 RC is available for download. Read more

Another Surprise: Mageia 5 RC is available!

I don't know why DistroWatch seemed to have missed it, but Mageia 5 RC is available for download. Read more