Launchpad CVE tracker

CVE 2010-0436

Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm.

Related bugs and status

CVE-2010-0436 (Candidate) is related to these bugs:

Bug #562440: [CVE-2010-0436] KDM Local Privilege Escalation Vulnerability

		In	Importance	Status
562440	[CVE-2010-0436] KDM Local Privilege Escalation Vulnerability	kdebase-workspace (Ubuntu)	High	Fix Released
562440	[CVE-2010-0436] KDM Local Privilege Escalation Vulnerability	kdebase-workspace (Ubuntu Intrepid)	High	Fix Released
562440	[CVE-2010-0436] KDM Local Privilege Escalation Vulnerability	kdebase-workspace (Ubuntu Jaunty)	High	Fix Released
562440	[CVE-2010-0436] KDM Local Privilege Escalation Vulnerability	kdebase-workspace (Ubuntu Karmic)	High	Fix Released
562440	[CVE-2010-0436] KDM Local Privilege Escalation Vulnerability	kdebase-workspace (Ubuntu Lucid)	High	Fix Released

Bug #618450: plymouthd does not quit on starting kdm

		In	Importance	Status
618450	plymouthd does not quit on starting kdm	kdebase-workspace (Ubuntu)	High	Fix Released
618450	plymouthd does not quit on starting kdm	Kubuntu PPA	Undecided	Fix Released
618450	plymouthd does not quit on starting kdm	kdebase-workspace (Ubuntu Maverick)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2010-0436

References