oss-sec mailing list archives
CVE-2015-0856: sddm does not prevent access to the KDE crash handler
From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 14 Oct 2015 20:45:38 +0200
Pavel Avgustinov discovered that sddm does not disable the KDE crash handler, and certain themes would allow shell access to the sddm user as a result in case of a crash. Upstream fix: https://github.com/sddm/sddm/commit/4cfed6b0a625593fb43876f04badc4dd99799d86
Current thread:
- CVE-2015-0856: sddm does not prevent access to the KDE crash handler Florian Weimer (Oct 14)