kdebase-workspace
Page content
- Author: Miklos Vajna
- Vulnerable: 4.3.5-7
- Unaffected: 4.3.5-8locris1
A security issue has been reported in KDE, which can be exploited by malicious, local users to gain escalated privileges. The security issue is caused due to a race condition within KDM when creating the control socket during a user login. This can be exploited to change the access permissions of arbitrary files to world-writable, which can be leveraged to e.g. execute arbitrary code with escalated privileges.
- Bug Tracker URL: http://bugs.frugalware.org/task/4129