Bug 933342 (CVE-2024-36041)

Summary:	<kde-plasma/plasma-workspace-5.27.11.1:5, <kde-plasma/plasma-workspace-6.0.90-r1:6: ksmserver: Unauthorized users can access session manager
Product:	Gentoo Security	Reporter:	Andreas Sturmlechner <asturm>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	CONFIRMED ---
Severity:	major	CC:	ajak, idarktemplar
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://kde.org/info/security/advisory-20240531-1.txt
Whiteboard:	B1 [glsa]
Package list:		Runtime testing required:	---
Bug Depends on:	933647
Bug Blocks:

Description Andreas Sturmlechner gentoo-dev

2024-06-01 07:15:04 UTC

Overview
========
KSmserver, KDE's XSMP manager, incorrectly allows connections via ICE
based purely on the host, allowing all local connections. This allows
another user on the same machine to gain access to the session
manager.

A well crafted client could use the session restore feature to execute
arbitrary code as the user on the next boot.

Comment 1 Larry the Git Cow gentoo-dev

2024-06-07 16:18:01 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f102a34bb6339a5ee03f9a4a7b381dc6c0abf300

commit f102a34bb6339a5ee03f9a4a7b381dc6c0abf300
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2024-06-07 16:08:45 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2024-06-07 16:16:43 +0000

    kde-plasma/plasma-workspace: drop 5.27.11, 5.27.11.1
    
    Bug: https://bugs.gentoo.org/933342
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 kde-plasma/plasma-workspace/Manifest               |   1 -
 .../plasma-workspace-5.27.11.1.ebuild              | 233 ---------------------
 .../plasma-workspace-5.27.11.ebuild                | 233 ---------------------
 3 files changed, 467 deletions(-)

Comment 2 Andreas Sturmlechner gentoo-dev

2024-06-07 16:25:38 UTC

Cleanup done, thanks everyone.