kdm (kdebase) -- race condition

ID DSA-2037
Type debian
Reporter Debian
Modified 2010-04-17T00:00:00


Sebastian Krahmer discovered that a race condition in the KDE Desktop Environment's KDM display manager, allow a local user to elevate privileges to root.

For the stable distribution (lenny), this problem has been fixed in version 4:3.5.9.dfsg.1-6+lenny1.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your kdm package.