Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:30199
HistoryApr 29, 2021 - 10:18 a.m.

Privilege Escalation

2021-04-2910:18:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6

0.0004 Low

EPSS

Percentile

5.1%

kpmcore is vulnerable to privilege escalation. The kpmcore_externalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute the mount command to gain root privileges.

CPENameOperatorVersion
kpmcoreeq4.1.0-r3
kpmcoreeq4.1.0-r3