Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2014-8651

The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.

Related bugs and status

CVE-2014-8651 (Candidate) is related to these bugs:

Bug #1389665: privilage escalation in clock kcontrol

		In	Importance	Status
1389665	privilage escalation in clock kcontrol	kde-workspace (Ubuntu)	Undecided	Invalid
1389665	privilage escalation in clock kcontrol	kde-workspace (Ubuntu Precise)	Undecided	Fix Released
1389665	privilage escalation in clock kcontrol	kde-workspace (Ubuntu Utopic)	Undecided	Fix Released
1389665	privilage escalation in clock kcontrol	kde-workspace (Ubuntu Vivid)	Undecided	Invalid
1389665	privilage escalation in clock kcontrol	kde-workspace (Ubuntu Trusty)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2014110...
MLIST: [oss-security] 2014110...
CONFIRM: https://www.kde.org/in...
FEDORA: FEDORA-2014-14813
FEDORA: FEDORA-2014-14865
FEDORA: FEDORA-2014-14895
UBUNTU: USN-2402-1
BID: 70904
GENTOO: GLSA-201512-12