oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

consolekit security flaw heads up

From: Josh Bressers <bressers () redhat com>
Date: Thu, 7 Apr 2011 13:12:30 -0400 (EDT)
I've assigned this CVE-2010-4664.

It's not terribly serious. The short story is that local users have some
special treatment with consolekit, and it's easy to become a "local user".

https://bugzilla.redhat.com/show_bug.cgi?id=585952
https://bugzilla.redhat.com/show_bug.cgi?id=600455
https://bugs.freedesktop.org/show_bug.cgi?id=28377

The upstream bug has a patch.

Thanks.

-- 
    JB
Previous By Date Next
Previous By Thread Next

Current thread: