Описание
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases).
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases).
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-7272
- https://github.com/sddm/sddm/pull/280
- https://bugzilla.redhat.com/show_bug.cgi?id=1149610
- http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141494.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141550.html
- http://www.openwall.com/lists/oss-security/2014/10/06/4
Связанные уязвимости
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases).
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users ...
Уязвимость экранного менеджера Simple Desktop Display Manager операционной системы Fedora, позволяющая нарушителю получить привилегии root