Gentoo Linux Security Advisory 201412-8 - This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution.
a863e2eb03f0ac1937834e096aa9a52158ef6e9eb8144f3d6df45b14d4002a27
This write up is an in-depth analysis of the CVE-2010-0436 KDE TOCTTOU vulnerability.
38416e656eed90eb727e8283a9b7f15d42bbf88b4930302e3793941e698ff9c6
Ubuntu Security Notice 932-1 - Sebastian Krahmer discovered a race condition in the KDE Display Manager (KDM). A local attacker could exploit this to change the permissions on arbitrary files, thus allowing privilege escalation.
4372a4aff4c5766652268cb33f145075be19e371399eba24f8aed1555bfe6f26
Debian Linux Security Advisory 2037-1 - Sebastian Krahmer discovered that a race condition in the KDE Desktop Environment's KDM display manager, allow a local user to elevate privileges to root.
8cf38d43fdd1f0056423f6c0cc6d82bbabab5c5409e7f8a3ed1aed7b3d2dc866
Mandriva Linux Security Advisory 2010-074 - A vulnerability has been found and corrected in kdm. KDM contains a race condition that allows local attackers to make arbitrary files on the system world-writeable. This can happen while KDM tries to create its control socket during user login. This vulnerability has been discovered by Sebastian Krahmer from the SUSE Security Team. It is advised to reboot the computer after applying the updated packages in order to the security fix to take full effect. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
6e44ca1184ea3d7240884fb255869f8532643ab9fbb175bc2751a3c59775512e