FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

kf5-kauth -- Insecure handling of arguments in helpers

Affected packages
kf5-kauth < 5.54.0_2


VuXML ID e8bcac84-2d5c-11e9-9a74-e0d55e2a8bf9
Discovery 2019-02-09
Entry 2019-02-10

Albert Astals Cid reports:

KAuth allows to pass parameters with arbitrary types to helpers running as root over DBus.

Certain types can cause crashes and trigger decoding arbitrary images with dynamically loaded plugin


CVE Name CVE-2019-7443