AVG-269

Package kauth
Status Fixed
Severity High
Type privilege escalation
Affected 5.33.0-1
Fixed 5.33.0-2
Current 5.43.0-1 [extra]
Ticket None
Created Wed May 10 11:52:37 2017
Issue Severity Remote Type Description
CVE-2017-8422 High No Privilege escalation
KAuth <= 5.33.0 contains a logic flaw in which the service invoking dbus is not properly checked. This allows spoofing the identity of the caller and with...
Date Advisory Package Description
10 May 2017 ASA-201705-12 kauth privilege escalation
References
https://cgit.kde.org/kauth.git/commit/?id=df875f725293af53399f5146362eb158b4f9216a