DSA-6063-1 kdeconnect - security update

Bulletin has no description...

OPENSUSE-SU-2024:10890-1 kdeconnect-kde-21.08.1-1.2 on GA media

These are all security issues fixed in the kdeconnect-kde-21.08.1-1.2 package on the GA media of openSUSE Tumbleweed...

Updated kdeconnect-kde packages improve security

For the pairing procedure, the GUI component only presented the friendly 'deviceName' to identify peer devices, which is completely under attacker control. Furthermore the 'deviceName' is transmitted in cleartext in UDP broadcast messages for all other nodes in the network segment to see. Therefo...

Updated kdeconnect-kde packages fix a security vulnerability

An attacker on your local network could send maliciously crafted packets to other hosts running kdeconnect on the network, causing them to use large amounts of CPU, memory or network connections, which could be used in a Denial of Service attack within the network. CVE-2020-26164...

CVE-2020-26164

In kdeconnect-kde aka KDE Connect before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack...

FreeBSD : kdeconnect -- packet manipulation can be exploited in a Denial of Service attack (c71ed065-0600-11eb-8758-e0d55e2a8bf9)

Albert Astals Cid reports : KDE Project Security AdvisoryTitleKDE Connect: packet manipulation can be exploited in a Denial of Service attackRisk RatingImportantCVECVE-2020-26164Versionskdeconnect Date2 October 2020Overview An attacker on your local network could send maliciously crafted packets ...