3 matches found
CVE-2019-7443
CVE-2019-7443 affects KDE KAuth before 5.55. The issue arises from passing parameters of arbitrary types to helpers via DBus over DBusHelperProxy.cpp, allowing plugin code to run with root privileges and potentially increasing impact of a plugin vulnerability. Documented impact includes crashes a...
CVE-2017-8422
KDE kauth and kdelibs contain a local privilege escalation flaw: a callerID spoof via D-Bus in KAuth and KDELibs can let a non-privileged user gain root. Affected: kde4libs/kdelibs before 4.14.32 and KAuth before 5.34. Impact: local attacker could escalate privileges; no remote/vector details pro...
CVE-2014-5033
CVE-2014-5033 affects KDE components: kdelibs prior to 4.14 and kauth prior to 5.1, where PolicyKit is accessed via D-Bus. A local race condition in PolkitUnixProcess/PolkitSubject could allow bypassing authorization, related to PID-reuse issues (and CVE-2013-4288). Public documents show mitigati...