user/sddm: CVE-2020-28049: LPE through race in Xauthority creation
Bugzilla ID | 368 |
Alias(es) | CVE-2020-28049 |
Reporter | Max Rees (sroracle) |
Assignee | Max Rees (sroracle) |
Reported | 2020-11-19 20:30:55 -0600 |
Modified | 2020-11-19 20:30:55 -0600 |
Status | CONFIRMED |
Version | 1.0-RC1 |
Hardware | Adélie Linux / All |
Importance | --- / normal |
Package(s) | user/sddm |
URL | https://www.openwall.com/lists/oss-security/2020/11/04/2 |
Description
https://www.openwall.com/lists/oss-security/2020/11/04/2
Fixed in >= 0.19.0 https://github.com/sddm/sddm/commit/be202f533ab98a684c6a007e8d5b4357846bc222