CVE-2014-8651
Published: 7 November 2014
The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.
Priority
Status
Package | Release | Status |
---|---|---|
kde-workspace Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Released
(4:4.8.5-0ubuntu0.4)
|
|
trusty |
Released
(4:4.11.11-0ubuntu0.2)
|
|
upstream |
Released
(4:4.11.13-2)
|
|
utopic |
Released
(4:4.8.5-0ubuntu0.4)
|
|
Patches: upstream: https://projects.kde.org/projects/kde/kde-workspace/repository/diff?rev=54d0bfb5effff9c8cf60da890b7728cbe36a454e&rev_to=fd2aa9deed44fad6107625ad7360157fea7296f6 upstream: https://projects.kde.org/projects/kde/workspace/plasma-desktop/repository/diff?rev_to=683b66889b8abbeec82eedcbb1c9ff08c06e9582&rev=58bb376fb9ffb2ecb9ce0a89a0a312bfa091bd3f |