Debian Security Advisory 4116-1

Debian Security Advisory 4116-1: Posted Feb 18, 2018; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4116-1 - Krzysztof Sieluzycki discovered that the notifier for removable devices in the KDE Plasma workspace performed insufficient sanitization of FAT/VFAT volume labels, which could result in the execution of arbitrary shell commands if a removable device with a malformed disk label is mounted.; tags | advisory, arbitrary, shell; systems | linux, debian; advisories | CVE-2018-6791; SHA-256 | b9ad297c1fade239221a91632993dafc7a1a3ab7197501594a09c15d806c1548; Download | Favorite | View

Debian Security Advisory 4116-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4116-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 16, 2018                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : plasma-workspace
CVE ID         : CVE-2018-6791

Krzysztof Sieluzycki discovered that the notifier for removable devices
in the KDE Plasma workspace performed insufficient sanitisation of
FAT/VFAT volume labels, which could result in the execution of arbitrary
shell commands if a removable device with a malformed disk label is
mounted.

For the stable distribution (stretch), this problem has been fixed in
version 4:5.8.6-2.1+deb9u1.

We recommend that you upgrade your plasma-workspace packages.

For the detailed security status of plasma-workspace please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/plasma-workspace

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlqHQqIACgkQEMKTtsN8
TjZY3RAAkUCktNs6NXdNera66uIPSr6OgvNwMzpkTGDRogtAxQpNoDBoDOK/GgjF
YhOVvh/8t5oL4e1n8S04pVP7yj9dXzP80d9MTleoNqtkxBIPESdUISOSsxWaTI8+
fRiBH9YqKFeSV332KKVke7PXUGoAJNJiLgtaMX7spSE88LNbm8pzGOd/I9js54bf
bppqZnnUWvBwWPpJAqZis5LSWK+2+qXeJBm76nE1WVxooncQ0KPWUhnIFwODeAJT
ALhTMCzvlXBVV7HaslA8CCBitw+l0kv+g7R5rg0uAZIzd3vYjroG/Lp5cXitb5ls
L9CjAKTsqBIdFIOj8jwyNE+Dj2QQFYBufl/LNJwpkPlcO+sCk26OshYoIWiCjJ9w
qO+vL4zq2ihdV6ihfwPtXEvBuCUGpQBJitWl5wGnBBlqLp7yxpoiTrtnkd8jEeUz
LerxBfUEtCHDrOyR1MTqzufNBc4+hAkRINq8DwOjE4Ku5nY4cyAhCyMKmIT0GF1f
JD7DoHbOu2cStWP/l9HrjEthto6py16Ua4eo7qSbSCKWIfv/VdV6IqEVa+LQbzox
DiepHeq/j8aufZAS06giYQKhnG7n1rTrn0qqI/y1mcw5jmTmU/gMymVc4Ux72bkr
8qOI8Tw5614YnWDDaQXuYrpvhX7QIxGOVw6hTwyE9ePaN56zxHY=
=tzeQ
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 228 files
Ubuntu 55 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Google Security Research 6 files
Apple 6 files
Milad Karimi 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,333)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,578)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,460)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Debian Security Advisory 4116-1

Debian Security Advisory 4116-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4116-1

Share This

Debian Security Advisory 4116-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems