CVE-2018-10361

Published: Apr 25, 2018Modified: Nov 21, 2024

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local system to gain root privileges. The attack occurs when one user (who has an unprivileged account but is also able to authenticate as root) writes a text file using Kate into a directory owned by a another unprivileged user. The latter unprivileged user conducts a symlink attack to achieve privilege escalation.

Affected (1)

Products: Kde: Ktexteditor

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Kde Ktexteditor	From 5.34.0 to 5.45.0

Related CWEs

Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

References (6)

http://www.openwall.com/lists/oss-security/2018/04/24/1

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2019/07/09/3

Source: cve@mitre.org

https://bugzilla.suse.com/show_bug.cgi?id=1033055

Source: cve@mitre.org

Issue TrackingThird Party Advisory

http://www.openwall.com/lists/oss-security/2018/04/24/1

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2019/07/09/3

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.suse.com/show_bug.cgi?id=1033055

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

Timeline

No history available yet.