A vulnerability in KAuth and KDELibs allows local users to gain root privileges.
|Package||kde-frameworks/kauth on all architectures|
|Affected versions||< 5.29.0-r1|
|Unaffected versions||>= 5.29.0-r1|
|Package||kde-frameworks/kdelibs on all architectures|
|Affected versions||< 4.14.32|
|Unaffected versions||>= 4.14.32|
KAuth provides a convenient, system-integrated way to offload actions that need to be performed as a privileged user (root, for example) to small (hopefully secure) helper utilities.
The KDE libraries, basis of KDE and used by many open source projects.
KAuth and KDELibs contains a logic flaw in which the service invoking D-Bus is not properly checked. This allows spoofing the identity of the caller and with some carefully crafted calls can lead to gaining root from an unprivileged account.
A local attacker could spoof the identity of the caller invoking D-Bus, possibly resulting in gaining privileges.
There is no known workaround at this time.
All KAuth users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=kde-frameworks/kauth-5.29.0-r1"
All KDELibs users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=kde-frameworks/kdelibs-4.14.32"
June 27, 2017
June 27, 2017: 1