Language Selection

English French German Italian Portuguese Spanish

KDE KDM Vulnerability Elevation of Privilage

Filed under
KDE
Security

Sebastian Krahmer from the SUSE Security team has found a vulnerability in KDM which will allow a local user to elevate their privileges to root access. You can see more about vulnerability and install the fix below, although I expect all distributions to already have the fix applied, or to have it applied very shortly.

1. Systems affected:
KDM as shipped with KDE SC 2.2.0 up to including KDE SC 4.4.2

2. Overview:
KDM contains a race condition that allows local attackers to
make arbitrary files on the system world-writeable. This can
happen while KDM tries to create its control socket during
user login. This vulnerability has been discovered by
Sebastian Krahmer from the SUSE Security Team.

3. Impact:




More in Tux Machines

Will New Google Android Live TV Outfox Apple?

Google then rolled out its $35 Chromecast dongle, a streaming device, in mid-2013. Google's new Android TV operating system is expected to make it easier for software developers to move apps from mobile devices to TVs. Read more

Q4OS Is a Windows-Lookalike OS That Now Comes with LXDE and Xfce as Well

Q4OS, a Linux distribution built to offer a similar experience to Windows XP, is now featuring a couple of extra desktop environments that should provide some more options for users who want a different look. Read more

today's howtos

Leftovers: Gaming