#VU6597 Privilege escalation in kdelibs and kauth


Published: 2020-03-18

Vulnerability identifier: #VU6597

Vulnerability risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2017-8422

CWE-ID: CWE-264

Exploitation vector: Local

Exploit availability: Yes

Vulnerable software:
kdelibs
Client/Desktop applications / Other client software
kauth
Client/Desktop applications / Other client software

Vendor: KDE.org

Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists due to a logic flaw in the affected software. A local attacker could make a specially crafted call, spoof the caller identity and gain root privileges.

Successful exploitation of the vulnerability may result in full access to the system.

Mitigation
Update KDE kauth to version 5.34.
Update KDE kdelibs to version 4.14.32

Vulnerable software versions

kdelibs: 4.12 - 4.14

kauth: 5.31 - 5.33

External links
http://www.kde.org/info/security/advisory-20170510-1.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.


Latest bulletins with this vulnerability


Gentoo update for KAuth and KDELibs
CentOS update for KDE kdelibs
Red Hat update for KDE kdelibs
SUSE Linux update for kdelibs4
Privilege escalation in KDE kauth and kdelibs
OpenSUSE Linux update for kauth
OpenSUSE Linux update for kauth
Ubuntu update for KDE-Libs
Arch Linux update for kdelibs
Arch Linux update for kauth