CVE-2014-7272 sddm

Metadata

high
7.2
sddm
CVE-2014-7272
2018-03-29 05:03
2018-03-28 01:35
2018-03-10 05:03
2018-03-08 22:35
2017-06-18 07:04
2017-04-01 19:11
2017-01-05 20:16

Description

Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases).

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
buster sddm 0.11.0-2
sid sddm 0.11.0-2
stretch sddm 0.11.0-2