CVE-2020-27187 log

Severity High
Remote No
Type Privilege escalation
kpmcore_externalcommand helper contains a logic flaw in which the service invoking dbus is not properly checked. An attacker on your local machine can replace /etc/fstab, execute mount and other partitioning related commands while KDE Partition Manager is running.  mount command can then be used to gain full root privileges.
Group Package Affected Fixed Severity Status Ticket
AVG-1253 kpmcore 4.1.0-1 4.2.0-1 High Fixed
Date Advisory Group Package Severity Type
18 Oct 2020 ASA-202010-8 AVG-1253 kpmcore High privilege escalation