CVE request: local privilege escalation flaw in Red Star OS 3.0

[David Jorm <david.jorm () gmail com>]

Hi All

Red Star OS 3.0 (붉은별) ships with the root account disabled. A flaw has been
identified that allows a local user to jailbreak the environment and gain
root access. As noted here:
http://richardg867.wordpress.com/2015/01/01/notes-on-red-star-os-3-0/

"The root user is disabled on Red Star, and it doesn’t look like there is a
way to enable it. Fortunately, they left a big security hole: the Software
Manager (swmng.app), which runs as root through sudo and will install any
RPM package, even if unsigned."

Please assign a CVE ID to this issue.

Thanks

David