A vulnerability in KAuth and KDELibs allows local users to gain root privileges.
Package | kde-frameworks/kauth on all architectures |
---|---|
Affected versions | < 5.29.0-r1 |
Unaffected versions | >= 5.29.0-r1 |
Package | kde-frameworks/kdelibs on all architectures |
---|---|
Affected versions | < 4.14.32 |
Unaffected versions | >= 4.14.32 |
KAuth provides a convenient, system-integrated way to offload actions that need to be performed as a privileged user (root, for example) to small (hopefully secure) helper utilities.
The KDE libraries, basis of KDE and used by many open source projects.
KAuth and KDELibs contains a logic flaw in which the service invoking D-Bus is not properly checked. This allows spoofing the identity of the caller and with some carefully crafted calls can lead to gaining root from an unprivileged account.
A local attacker could spoof the identity of the caller invoking D-Bus, possibly resulting in gaining privileges.
There is no known workaround at this time.
All KAuth users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=kde-frameworks/kauth-5.29.0-r1"
All KDELibs users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=kde-frameworks/kdelibs-4.14.32"
Release date
June 27, 2017
Latest revision
June 27, 2017: 1
Severity
high
Exploitable
local
Bugzilla entries