VDB

GCVE-110-MAGEIA-2017-274

GCVE-110-MAGEIA-2017-274
Advisory Published
Vulnetix · Advisory published August 16, 2017
Sebastian Krahmer from SUSE discovered that the KAuth framework contains a logic flaw in which the service invoking dbus is not properly checked. This flaw allows spoofing the identity of the caller and gaining root privileges from an unprivileged account (CVE-2017-8422).

Affected Products

VendorProductVersionsPlatforms
Mageiakauth5.5.0-1.1.mga5 (unaffected), 0 (affected)
Mageiakdelibs40 (affected), 4.14.30-1.1.mga5 (unaffected)

Browse GCVE Records

72,580 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›