Summary: | <=kde-base/kdm-4.3.3 Local Privilege Escalation Vulnerability (CVE-2010-0436) | |
---|---|---|---|
Product: | Gentoo Security | Reporter: | Samuli Suominen (RETIRED) <ssuominen> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | |
Severity: | critical | |
Priority: | High | |
Version: | unspecified | |
Hardware: | All | |
OS: | Linux | |
Whiteboard: | A1 [glsa] | |
Package list: | | Runtime testing required: | --- |
Description
Samuli Suominen (RETIRED)
2010-04-14 09:40:06 UTC
Thanks, Samuli. KDE, please provide a patched ebuild ASAP.

Fixed in kdm-4.3.5-r1, kdm-4.4.2-r2

(In reply to comment #2)
> Fixed in kdm-4.3.5-r1, kdm-4.4.2-r2

Note that HPPA refused to stabilize 4.3.5, so you "need" to maintain also 4.3.3 wrt http://bugs.gentoo.org/show_bug.cgi?id=300393#c7

CVE-2010-0436 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0436): Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm.

@security: was there any reason we have been waiting for over a month now for someone to CC arches for kdm-4.3.5-r1 stabilization?

@kde: are you still maintaining 4.3.3? we could use 4.3.3-r1 for hppa since they don't do newer versions and it's security supported arch (or is it?)

Local root exploit:
http://stealth.openwall.net/xSports/bambule-digitale.c
http://c-skills.blogspot.com/2010/04/cve-2010-0436-poc.html

(In reply to comment #5)
> @security:
> was there any reason we have been waiting for over a month now for someone to
> CC arches for kdm-4.3.5-r1 stabilization?

No, sorry. Most of the team is inactive.

> @kde:
> are you still maintaining 4.3.3? we could use 4.3.3-r1 for hppa since they
> don't do newer versions and it's security supported arch (or is it?)

It is. KDE, what's your take on this?

Arches, please test and mark stable:
=kde-base/kdm-4.3.5-r1
Target keywords : "amd64 hppa ppc ppc64 x86"

x86 stable

amd64 stable

Marked ppc/ppc64 stable.

Whoops, only marked ppc, not ppc64, sorry for the noise.

Fixed in 4.4.4

ppc64, please test and mark stable as soon as possible:
=kde-base/kdm-4.3.5-r1

KDE, please comment on comment #7 and at best provide a 4.3.3-r1 with the patch if possible

kdm-4.3.3 removed from tree

ready for glsa, I guess it should mention that hppa and ppc64 users should "emerge -C kdm"

glsa request filed. CC us back if you need us again

This issue was resolved and addressed in GLSA 201412-08 at http://security.gentoo.org/glsa/glsa-201412-08.xml by GLSA coordinator Sean Amoss (ackle).