Upstream announced a security issue related to kwallet-pam <5.12.6 (5.12.5 is the lates released version so far). The linked upstream advisory contains links to patches for plasma 5.12 and 5.8: Plasma 5.12 https://commits.kde.org/kwallet-pam/2134dec85ce19d6378d03cddfae9e5e464cb24c0 https://commits.kde.org/kwallet-pam/01d4143fda5bddb6dca37b23304dc239a5fb38b5 Plasma 5.8 https://commits.kde.org/kwallet-pam/99abc7fde21f40cc6da5feb6ee766cc46fcca1f8 https://commits.kde.org/kwallet-pam/802f305d81f8771c4f4a8bd7fd0e368ffc6f9b3b Reproducible: Always
See also: https://marc.info/?l=kde-announce&m=152534806103730&w=2
at lest gentoo-sources set fs.protected_hardlinks = 1 fs.protected_symlinks = 1 by default so this should not be possible to exploit this vulnerability. users of vanilla-sources or other kernels may be affected though
Apparently these security fixes are currently causing regressions: https://bugs.kde.org/show_bug.cgi?id=393856 https://bugs.archlinux.org/task/58446 https://bugs.launchpad.net/ubuntu/+source/kwallet-pam/+bug/1769187
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f1744b94bb12908e35666a1322d06615b7f7657b commit f1744b94bb12908e35666a1322d06615b7f7657b Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2018-05-05 11:16:14 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2018-05-05 11:16:14 +0000 kde-plasma/kwallet-pam: Fix CVE-2018-10380 Bug: https://bugs.gentoo.org/654746 Package-Manager: Portage-2.3.32, Repoman-2.3.9 .../kwallet-pam-5.11.5-CVE-2018-10380-1.patch | 206 +++++++++++++++++++++ .../kwallet-pam-5.11.5-CVE-2018-10380-2.patch | 135 ++++++++++++++ .../kwallet-pam-5.11.5-CVE-2018-10380-3.patch | 54 ++++++ .../kwallet-pam/kwallet-pam-5.11.5-r1.ebuild | 35 ++++ .../kwallet-pam/kwallet-pam-5.12.5-r1.ebuild | 35 ++++ 5 files changed, 465 insertions(+)
Arches, please stabilise.
x86 stable
amd64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
New GLSA request file. Please add to CVETool. Gentoo Security Advocate (jmbailey/mbailey_j)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6087f8347b5df6cf69ce7b51780787737f2ad4ee commit 6087f8347b5df6cf69ce7b51780787737f2ad4ee Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2018-05-07 17:01:34 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2018-05-07 17:01:34 +0000 kde-plasma/kwallet-pam: Cleanup vulnerable Bug: https://bugs.gentoo.org/654746 Package-Manager: Portage-2.3.36, Repoman-2.3.9 kde-plasma/kwallet-pam/kwallet-pam-5.11.5.ebuild | 33 ------------------------ kde-plasma/kwallet-pam/kwallet-pam-5.12.5.ebuild | 33 ------------------------ 2 files changed, 66 deletions(-)
This is mitigated by the default kernel sources which are Gentoo security supported. @kde, thanks for patching so quickly as usual!
