CVE-2017-8422

Опубликовано: 17 мая 2017

Источник: debian

EPSS Низкий

Описание

KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
kauth	fixed	5.28.0-2		package
kde4libs	fixed	4:4.14.26-2		package

Примечания

https://www.openwall.com/lists/oss-security/2017/05/10/3
patch for kauth: https://github.com/KDE/kauth/commit/df875f725293af53399f5146362eb158b4f9216a
patch for kde4libs: https://github.com/KDE/kdelibs/commit/264e97625abe2e0334f97de17f6ffb52582888ab
https://www.kde.org/info/security/advisory-20170510-1.txt

EPSS

Процентиль: 58%

0.00373

Низкий

Связанные уязвимости

CVE-2017-8422

CVSS3: 7.8

ubuntu

больше 8 лет назад

KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.

CVE-2017-8422

CVSS3: 7.8

redhat

больше 8 лет назад

KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.

CVE-2017-8422

CVSS3: 7.8

nvd

больше 8 лет назад

KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.

SUSE-SU-2017:1335-1

suse-cvrf

больше 8 лет назад

Security update for kdelibs4

GHSA-3x3g-jj7x-gr2f

CVSS3: 7.8

github

больше 3 лет назад

KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.

EPSS

Процентиль: 58%

0.00373

Низкий