CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
5.1%
Pavel Avgustinov discovered that SDDM does not disable the KDE crash handler, and certain themes would allow shell access to the sddm user as a result in case of a crash (CVE-2015-0856). Only SDDM users using the Breeze theme from plasma-workspace are affected.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 5 | noarch | sddm | < 0.11.0-1.1 | sddm-0.11.0-1.1.mga5 |