CVE-2017-8422

Priority
High
Description
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain
root privileges by spoofing a callerID and leveraging a privileged helper
app.
References
Bugs
Package
Source: kauth (LP Ubuntu Debian)
Upstream:released (5.34)
Ubuntu 17.10 (Artful Aardvark):released (5.33.0-0ubuntu2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (5.18.0-0ubuntu2)
Ubuntu 17.04 (Zesty Zapus):released (5.31.0-0ubuntu1.1)
Patches:
Upstream:https://cgit.kde.org/kauth.git/commit/?id=df875f725293af53399f5146362eb158b4f9216a
Package
Upstream:released (4.14.32)
Ubuntu 17.10 (Artful Aardvark):released (4:4.14.30-0ubuntu2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (4:4.13.3-0ubuntu0.5)
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4:4.14.16-0ubuntu3.2)
Ubuntu 17.04 (Zesty Zapus):released (4:4.14.30-0ubuntu1.1)
Patches:
Upstream:https://commits.kde.org/kdelibs/264e97625abe2e0334f97de17f6ffb52582888ab
More Information

Updated: 2017-08-11 23:56:00 UTC (commit 13081)