[Bug 1124863] New: kauth: Insecure handling of arguments in helpers (CVE-2019-7443)
http://bugzilla.suse.com/show_bug.cgi?id=1124863

Bug ID: 1124863
Summary: kauth: Insecure handling of arguments in helpers (CVE-2019-7443)
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 42.3
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: KDE Applications
Assignee: opensuse-kde-bugs@opensuse.org
Reporter: fabian@ritter-vogt.de
QA Contact: qa-bugs@suse.de
Found By: ---
Blocker: ---

https://www.kde.org/info/security/advisory-20190209-1.txt:

KDE Project Security Advisory
=============================

Title: kauth: Insecure handling of arguments in helpers
Risk Rating: Medium
CVE: CVE-2019-7443
Versions: KDE Frameworks < 5.55.0
Date: 9 February 2019

Overview
========
KAuth allows passing parameters with arbitrary types to helpers running as root over DBus.
Certain types can cause crashes and trigger decoding arbitrary images with dynamically loaded plugins.

Solution
========
Update to kauth >= 5.55.0

Or apply the following patch to kauth:
https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135...

Credits
=======
Thanks to Fabian Vogt for the report and Albert Astals Cid for the fix.