Launchpad.net

CVE 2018-6791

An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary command execution. An example of an offending volume label is "$(touch b)" -- this will create a file called b in the home folder.

Related bugs and status

CVE-2018-6791 (Candidate) is related to these bugs:

Bug #1748247: [CVE] Arbitrary command execution in the removable device notifier

		In	Importance	Status
1748247	[CVE] Arbitrary command execution in the removable device notifier	plasma-workspace (Ubuntu)	High	Fix Released
1748247	[CVE] Arbitrary command execution in the removable device notifier	plasma-workspace (Ubuntu Xenial)	High	Fix Released
1748247	[CVE] Arbitrary command execution in the removable device notifier	plasma-workspace (Ubuntu Bionic)	High	Fix Released
1748247	[CVE] Arbitrary command execution in the removable device notifier	plasma-workspace (Ubuntu Artful)	High	Fix Released
1748247	[CVE] Arbitrary command execution in the removable device notifier	Kubuntu PPA	High	Fix Released
1748247	[CVE] Arbitrary command execution in the removable device notifier	Kubuntu PPA artful	High	Fix Released
1748247	[CVE] Arbitrary command execution in the removable device notifier	Kubuntu PPA xenial	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2018-6791

Related bugs and status

Related bugs

References