6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
8.6%
The K Desktop Environment (KDE) is a graphical desktop environment for the
X Window System. The kdebase packages include core applications for KDE.
A privilege escalation flaw was found in the KDE Display Manager (KDM). A
local user with console access could trigger a race condition, possibly
resulting in the permissions of an arbitrary file being set to world
writable, allowing privilege escalation. (CVE-2010-0436)
Red Hat would like to thank Sebastian Krahmer of the SuSE Security Team for
responsibly reporting this issue.
Users of KDE should upgrade to these updated packages, which contain a
backported patch to correct this issue. The system should be rebooted for
this update to take effect. After the reboot, administrators should
manually remove all leftover user-owned dmctl-* directories in
“/var/run/xdmctl/”.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | i386 | kdebase | < 3.5.4-21.el5_5.1 | kdebase-3.5.4-21.el5_5.1.i386.rpm |
RedHat | 5 | s390 | kdebase-devel | < 3.5.4-21.el5_5.1 | kdebase-devel-3.5.4-21.el5_5.1.s390.rpm |
RedHat | 4 | s390 | kdebase-devel | < 3.3.1-13.el4_8.1 | kdebase-devel-3.3.1-13.el4_8.1.s390.rpm |
RedHat | 5 | ppc | kdebase-devel | < 3.5.4-21.el5_5.1 | kdebase-devel-3.5.4-21.el5_5.1.ppc.rpm |
RedHat | 4 | src | kdebase | < 3.3.1-13.el4_8.1 | kdebase-3.3.1-13.el4_8.1.src.rpm |
RedHat | 4 | i386 | kdebase | < 3.3.1-13.el4_8.1 | kdebase-3.3.1-13.el4_8.1.i386.rpm |
RedHat | 4 | x86_64 | kdebase | < 3.3.1-13.el4_8.1 | kdebase-3.3.1-13.el4_8.1.x86_64.rpm |
RedHat | 5 | s390 | kdebase | < 3.5.4-21.el5_5.1 | kdebase-3.5.4-21.el5_5.1.s390.rpm |
RedHat | 5 | ppc64 | kdebase-devel | < 3.5.4-21.el5_5.1 | kdebase-devel-3.5.4-21.el5_5.1.ppc64.rpm |
RedHat | 5 | ppc64 | kdebase | < 3.5.4-21.el5_5.1 | kdebase-3.5.4-21.el5_5.1.ppc64.rpm |