2 matches found
KDE kauth and kdelibs Logic Flaw Lets Local Users Obtain Root Privileges(CVE-2017-8422)
This document describes a generic root exploit against kde. The exploit is achieved by abusing a logic flaw within the KAuth framework which is present in kde4 org.kde.auth and kde5 org.kde.kf5auth. It is possible to spoof what KAuth calls callerID's which are indeed D-Bus unique names of the...
MGASA-2014-0432 Updated KDE 4 and related packages move to KDE 4.12.5
This KDE 4 update provides an upgrade to the last stable version of KDE Applications and Development Platform for the 4.12 series, and updates Plasma Workspaces to 4.11.12. This update fixes several security vulnerabilities - KMail/KIO POP3 SSL MITM Flaw CVE-2014-3494 - mga13545 - KAuth PID Reuse...