CVE-2017-8422 log

Severity High
Remote No
Type Privilege escalation
KAuth <= 5.33.0 contains a logic flaw in which the service invoking dbus is not properly checked. This allows spoofing the identity of the caller and with some carefully crafted calls can lead to gaining root from an unprivileged account.
Group Package Affected Fixed Severity Status Ticket
AVG-270 kdelibs 4.14.31-1 4.14.32-1 High Fixed
AVG-269 kauth 5.33.0-1 5.33.0-2 High Fixed
Date Advisory Group Package Severity Type
10 May 2017 ASA-201705-13 AVG-270 kdelibs High privilege escalation
10 May 2017 ASA-201705-12 AVG-269 kauth High privilege escalation