Security
Security
A vulnerability in kpmcore could result in privilege escalation.
| Package | sys-libs/kpmcore on all architectures |
|---|---|
| Affected versions | < 4.2.0 |
| Unaffected versions | >= 4.2.0 |
KPMcore, the KDE Partition Manager core, is a library for examining and modifying partitions, disk devices, and filesystems on a Linux system. It provides a unified programming interface over top of (external) system-manipulation tools.
Improper checks on the D-Bus request received resulted in improper protection for /etc/fstab.
An attacker could esclate privileges to root by exploiting this vulnerability.
There is no known workaround at this time.
All KPMCore users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=sys-libs/kpmcore-4.2.0"
Release date
November 03, 2020
Latest revision
November 03, 2020: 1
Severity
normal
Exploitable
local
Bugzilla entries