Total vulnerabilities in the database
KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions."
| Software | From | Fixed in |
|---|---|---|
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| canonical / ubuntu_linux | 12.04 | 12.04.x |
| kde / kdelibs | 4.13.90 | 4.13.90.x |
| kde / kdelibs | - | 4.13.97.x |
| kde / kdelibs | 4.11.4 | 4.11.4.x |
| kde / kdelibs | 4.10.97 | 4.10.97.x |
| kde / kdelibs | 4.12.3 | 4.12.3.x |
| kde / kdelibs | 4.10.2 | 4.10.2.x |
| kde / kdelibs | 4.12.1 | 4.12.1.x |
| kde / kdelibs | 4.11.90 | 4.11.90.x |
| kde / kdelibs | 4.12.90 | 4.12.90.x |
| kde / kdelibs | 4.12.97 | 4.12.97.x |
| kde / kdelibs | 4.13.3 | 4.13.3.x |
| kde / kdelibs | 4.11.2 | 4.11.2.x |
| kde / kdelibs | 4.13.0 | 4.13.0.x |
| kde / kdelibs | 4.11.5 | 4.11.5.x |
| kde / kdelibs | 4.12.0 | 4.12.0.x |
| kde / kdelibs | 4.10.95 | 4.10.95.x |
| kde / kdelibs | 4.13.95 | 4.13.95.x |
| kde / kdelibs | 4.12.2 | 4.12.2.x |
| kde / kdelibs | 4.11.1 | 4.11.1.x |
| kde / kdelibs | 4.13.80 | 4.13.80.x |
| kde / kdelibs | 4.12.80 | 4.12.80.x |
| kde / kdelibs | 4.13.2 | 4.13.2.x |
| kde / kdelibs | 4.10.3 | 4.10.3.x |
| kde / kdelibs | 4.10.1 | 4.10.1.x |
| kde / kdelibs | 4.11.95 | 4.11.95.x |
| kde / kdelibs | 4.11.80 | 4.11.80.x |
| kde / kdelibs | 4.11.3 | 4.11.3.x |
| kde / kdelibs | 4.12.5 | 4.12.5.x |
| kde / kdelibs | 4.11.97 | 4.11.97.x |
| kde / kdelibs | 4.11.0 | 4.11.0.x |
| kde / kdelibs | 4.13.1 | 4.13.1.x |
| kde / kauth | - | 5.0.x |
| kde / kdelibs | 4.10.0 | 4.10.0.x |
| kde / kdelibs | 4.12.4 | 4.12.4.x |
| kde / kdelibs | 4.12.95 | 4.12.95.x |