Privilege Escalation in KDE Clock KCM PolicyKit Helper
CVE-2014-8651

Currently unrated

Key Information:

Vendor: Kde
Status: Plasma-desktop
Vendor: CVE Published:; 6 December 2014

What is CVE-2014-8651?

The KDE Clock KCM policykit helper in certain versions of kde-workspace and plasma-desktop allows local users to exploit a crafted ntpUtility argument to gain unauthorized privileges. This vulnerability can result in security breaches, making it crucial for users with affected versions to apply necessary patches and mitigations.

References

http://lists.fedoraproject.org/pipermail/package-announce...

vendor-advisoryx_refsource_FEDORA

http://www.openwall.com/lists/oss-security/2014/11/04/9

mailing-listx_refsource_MLIST

https://security.gentoo.org/glsa/201512-12

vendor-advisoryx_refsource_GENTOO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 6, 2014
Vulnerability Reserved
Nov 6, 2014

CVE-2014-8651 Data

JSON

Kde

What is CVE-2014-8651?

References

Timeline