KAuth contains a logic flaw in which the service invoking dbus is not properly checked. This allows spoofing the identity of the caller and with some carefully crafted calls can lead to gaining root from an unprivileged account. Affected versions: kauth < 5.34, kdelibs < 4.14.32 Upstream patches: kauth: https://commits.kde.org/kauth/df875f725293af53399f5146362eb158b4f9216a kdelibs: https://commits.kde.org/kdelibs/264e97625abe2e0334f97de17f6ffb52582888ab External References: https://www.kde.org/info/security/advisory-20170510-1.txt http://seclists.org/oss-sec/2017/q2/240
Created kdelibs tracking bugs for this issue: Affects: fedora-all [bug 1449649] Created kdelibs-webkit tracking bugs for this issue: Affects: epel-7 [bug 1449651] Created kdelibs3 tracking bugs for this issue: Affects: fedora-all [bug 1449650] Created kf5-kauth tracking bugs for this issue: Affects: epel-7 [bug 1449648] Affects: fedora-all [bug 1449652]
Acknowledgments: Name: Sebastian Krahmer (SUSE)
As written in https://bugzilla.redhat.com/show_bug.cgi?id=1449650#c3 , the actual affected versions are only: kauth < 5.34, 4.4.0 <= kdelibs < 4.14.32 In particular, kdelibs3 is NOT affected (see also https://bugzilla.redhat.com/show_bug.cgi?id=1449650#c2 ).
(In reply to Kevin Kofler from comment #3) > As written in https://bugzilla.redhat.com/show_bug.cgi?id=1449650#c3 , the > actual affected versions are only: > kauth < 5.34, 4.4.0 <= kdelibs < 4.14.32 > In particular, kdelibs3 is NOT affected (see also > https://bugzilla.redhat.com/show_bug.cgi?id=1449650#c2 ). OK, thank you! Next time, please don't change the internal whiteboard, these changes should be made only by Product Security members.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:1264 https://access.redhat.com/errata/RHSA-2017:1264