KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Kauth | Kde | * | 5.33 (including) |
Kdelibs | Kde | * | 4.14.31 (including) |