Published: 25/04/2018 Updated: 03/10/2019

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

An issue exists in KTextEditor 5.34.0 up to and including 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local system to gain root privileges. The attack occurs when one user (who has an unprivileged account but is also able to authenticate as root) writes a text file using Kate into a directory owned by a another unprivileged user. The latter unprivileged user conducts a symlink attack to achieve privilege escalation.

Vulnerable Product	Search on Vulmon	Subscribe to Product
kde ktexteditor

Debian Bug report logs - #896836 ktexteditor: CVE-2018-10361: ktexteditor privilege escalation Package: src:ktexteditor; Maintainer for src:ktexteditor is Debian/Kubuntu Qt/KDE Maintainers <debian-qt-kde@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 24 Apr 2018 18:54:02 UTC Sever ...

oss-sec mailing list archives   By Date By Thread </form>    Privileged File Access from Desktop Applications   From: Malte Kraus < ...

CWE-668 https://bugzilla.suse.com/show_bug.cgi?id=1033055 http://www.openwall.com/lists/oss-security/2018/04/24/1 http://www.openwall.com/lists/oss-security/2019/07/09/3 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896836 https://nvd.nist.gov

CVE-2018-10361

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Mailing Lists

References

Vulmon Search

About

Products

Connect