Language Selection

English French German Italian Portuguese Spanish

KDE KDM Vulnerability Elevation of Privilage

Filed under
KDE
Security

Sebastian Krahmer from the SUSE Security team has found a vulnerability in KDM which will allow a local user to elevate their privileges to root access. You can see more about vulnerability and install the fix below, although I expect all distributions to already have the fix applied, or to have it applied very shortly.

1. Systems affected:
KDM as shipped with KDE SC 2.2.0 up to including KDE SC 4.4.2

2. Overview:
KDM contains a race condition that allows local attackers to
make arbitrary files on the system world-writeable. This can
happen while KDM tries to create its control socket during
user login. This vulnerability has been discovered by
Sebastian Krahmer from the SUSE Security Team.

3. Impact:




More in Tux Machines

KDE/Akademy

Q4OS 1.6, Orion

The significant Q4OS 1.6 'Orion' release receives the most recent Trinity R14.0.3 stable version. Trinity R14.0.3 is the third maintenance release of the R14 series, it is intended to promptly bring bug fixes to users, while preserving overall stability. The complete list and release notes you will find on the Trinity desktop environment website. New Q4OS 1.6 release includes set of new features and fixes. The default desktop look has been slightly changed, Q4OS 'Bourbon' start menu and taskbar has been polished a bit and has got a few enhancements, for example the icons size varies proportionally to the system panel. Native Desktop profiler tool has got new, optimized 'software to install' list. Read more

Learning More About Explicit Fencing & Android's Sync Framework

With the sync validation framework leaving the staging area in Linux 4.9 and other work going on around the Android sync framework and explicit fencing, this functionality is becoming a reality that ultimately benefits the Linux desktop. Collabora developer Gustavo Padovan presented at this week's LinuxCon 2016 conference about explicit fencing support in the mainline kernel with a "new era of graphics." Read more

Ubuntu Leftovers