KDE Security Advisory: Arbitrary command execution in the removable device notifier

Chat about Linux in general
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Locked
User avatar
JoeFootball
Level 13
Level 13
Posts: 4673
Joined: Tue Nov 24, 2009 1:52 pm
Location: /home/usa/mn/minneapolis/joe

KDE Security Advisory: Arbitrary command execution in the removable device notifier

Post by JoeFootball »

Oops. :)

https://www.kde.org/info/security/advis ... 0208-2.txt

Joe
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Top
User avatar
catweazel
Level 19
Level 19
Posts: 9763
Joined: Fri Oct 12, 2012 9:44 pm
Location: Australian Antarctic Territory

Re: KDE Security Advisory: Arbitrary command execution in the removable device notifier

Post by catweazel »

JoeFootball wrote: Mon Feb 12, 2018 2:11 pm Oops. :)
Really, I had to laugh at that.
"There is, ultimately, only one truth -- cogito, ergo sum -- everything else is an assumption." - Me, my swansong.
Top
User avatar
JoeFootball
Level 13
Level 13
Posts: 4673
Joined: Tue Nov 24, 2009 1:52 pm
Location: /home/usa/mn/minneapolis/joe

Re: KDE Security Advisory: Arbitrary command execution in the removable device notifier

Post by JoeFootball »

So theoretically, one could create a USB drive label containing a nefarious shell command, walk up to someone's KDE deployment, plug it in, and *poof*. Eeek.

Can drives mount if the session is locked? Hmmm...

Joe
Top
User avatar
felemur
Level 5
Level 5
Posts: 537
Joined: Sun Sep 20, 2015 2:22 pm
Location: In the middle of 1000's of acres of corn & soy fields in a house full of cats.

Re: KDE Security Advisory: Arbitrary command execution in the removable device notifier

Post by felemur »

https://hotforsecurity.bitdefender.com/ ... 19586.html
Top
Locked

Return to “Chat about Linux”