Upcoming KDE security advisory: Systems affected: start_kdeinit of KDE 3.x as of KDE 3.5.5 or newer. KDE 4.0 and newer is not affected. Only Linux platform is affected. Overview: start_kdeinit is a wrapper to launch kdeinit with a lower OOM score on Linux. This helper is used to ensure that a single KDE application triggering the Linux kernel OOM killer does not kill the whole KDE session. By default, start_kdeinit is installed as setuid root. The start_kdeinit processing of user-influenceable input is faulty. Impact: If start_kdeinit is installed as setuid root, a local user might be able to send unix signals to other processes, cause a denial of service or even possibly execute arbitrary code.
Created attachment 303448 [details] Upstream patch
This issue did not affect versions of kdelibs as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5, that do not ship start_kdeinit helper. start_kdeinit is shipped in versions of KDE currently in Fedora 7 and 8, however start_kdeinit is not installed as setuid root in Fedora, so Fedora kdelibs packages are not affected by this problem.
Public now, lifting embargo: http://www.kde.org/info/security/advisory-20080426-2.txt
Closing based on comment #2.
I looked at this yesterday and I've come to the same conclusion, so I can confirm that Fedora is not affected.
Oh, and start_kdeinit is also shipped in kdelibs3 in dist-f9, but is not installed setuid root there either => dist-f9 also unaffected.
Kevin, thanks for review / confirmation!