Lucene search
UbuntuUSN-6843-1HistoryJun 26, 2024 - 12:00 a.m.
Plasma Workspace vulnerability
2024-06-2600:00:00
ubuntu.com
9
plasma workspace
ubuntu
ice vulnerability
arbitrary code
session manager
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
Low
EPSS
0
Percentile
5.1%
Releases
- Ubuntu 24.04 LTS
- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Packages
- plasma-workspace - Plasma Workspace for KF5
Details
Fabian Vogt discovered that Plasma Workspace incorrectly handled
connections via ICE. A local attacker could possibly use this issue to
gain access to another user’s session manager and execute arbitrary code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 24.04 | noarch | plasma-workspace | < 4:5.27.11-0ubuntu4.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libcolorcorrect5 | < 4:5.27.11-0ubuntu4.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libcolorcorrect5-dbgsym | < 4:5.27.11-0ubuntu4.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libkfontinst5 | < 4:5.27.11-0ubuntu4.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libkfontinst5-dbgsym | < 4:5.27.11-0ubuntu4.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libkfontinstui5 | < 4:5.27.11-0ubuntu4.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libkfontinstui5-dbgsym | < 4:5.27.11-0ubuntu4.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libkworkspace5-5 | < 4:5.27.11-0ubuntu4.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libkworkspace5-5-dbgsym | < 4:5.27.11-0ubuntu4.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libnotificationmanager1 | < 4:5.27.11-0ubuntu4.1 | UNKNOWN |
References
Related
osv
osv
plasma-workspace - security update
2024-06-14 00:00:00
CVE-2024-36041
2024-07-05 02:15:10
Security update for plasma5-workspace
2024-06-13 20:01:46
vulnrichment
vulnrichment
CVE-2024-36041
2024-07-05 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: plasma-workspace-5.27.11.1-1.fc39
2024-06-02 03:39:41
[SECURITY] Fedora 40 Update: plasma-workspace-6.0.5.1-1.fc40
2024-06-02 01:23:30
nessus
nessus
Debian dla-3827 : libcolorcorrect5 - security update
2024-06-14 00:00:00
FreeBSD : plasma[56]-plasma-workspace -- Unauthorized users can access session manager (479df73e-2838-11ef-9cab-4ccc6adda413)
2024-06-12 00:00:00
Fedora 40 : plasma-workspace (2024-83fc86a0bc)
2024-06-02 00:00:00
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-83fc86a0bc)
2024-06-07 00:00:00
Fedora: Security Advisory (FEDORA-2024-d120dc28b8)
2024-06-07 00:00:00
Debian: Security Advisory (DLA-3827-1)
2024-07-01 00:00:00
slackware
slackware
[slackware-security] plasma-workspace
2024-08-27 19:31:17
freebsd
freebsd
plasma[56]-plasma-workspace -- Unauthorized users can access session manager
2024-05-31 00:00:00
cvelist
cvelist
CVE-2024-36041
2024-07-05 00:00:00
mageia
mageia
Updated plasma-workspace packages fix security vulnerability
2024-06-07 20:31:41
cve
cve
CVE-2024-36041
2024-07-05 02:15:10
gentoo
gentoo
KDE Plasma Workspaces: Privilege Escalation
2024-07-06 00:00:00
ubuntucve
ubuntucve
CVE-2024-36041
2024-06-03 00:00:00
alpinelinux
alpinelinux
CVE-2024-36041
2024-07-05 02:15:10
nvd
nvd
CVE-2024-36041
2024-07-05 02:15:10
debiancve
debiancve
CVE-2024-36041
2024-07-05 02:15:10
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
Low
EPSS
0
Percentile
5.1%
Related for USN-6843-1