CVE-2014-7272

Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases).
Configurations

Configuration 1 (hide)

cpe:2.3:a:sddm_project:sddm:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-03-08 20:29

Updated : 2024-02-28 16:25


NVD link : CVE-2014-7272

Mitre link : CVE-2014-7272

CVE.ORG link : CVE-2014-7272


JSON object : View

Products Affected

fedoraproject

  • fedora

sddm_project

  • sddm
CWE
CWE-264

Permissions, Privileges, and Access Controls