Описание
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| logiops | fixed | 0.3.5-1 | package | |
| logiops | no-dsa | bookworm | package |
Примечания
https://bugzilla.suse.com/show_bug.cgi?id=1226598
https://github.com/PixlOne/logiops/issues/473
https://github.com/PixlOne/logiops/pull/476
https://github.com/PixlOne/logiops/commit/628ab937a25724c1f21e7edf25c8e5aaff82c691 (v0.3.5)
EPSS
Связанные уязвимости
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction.
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction.
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction.
EPSS