Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-10361

An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local system to gain root privileges. The attack occurs when one user (who has an unprivileged account but is also able to authenticate as root) writes a text file using Kate into a directory owned by a another unprivileged user. The latter unprivileged user conducts a symlink attack to achieve privilege escalation.

Published

2018-04-25T05:29:00.237

Last Modified

2024-11-21T03:41:15.793

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-668

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	kde	ktexteditor	≤ 5.45.0	Yes

References

http://www.openwall.com/lists/oss-security/2018/04/24/1 Mailing List, Third Party Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2019/07/09/3 ([email protected])
https://bugzilla.suse.com/show_bug.cgi?id=1033055 Issue Tracking, Third Party Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2018/04/24/1 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2019/07/09/3 (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.suse.com/show_bug.cgi?id=1033055 Issue Tracking, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)