Fix CVE-2016-7787
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kde-cli-tools (Ubuntu) |
Fix Released
|
Undecided
|
Simon Quigley |
Bug Description
This CVE applies to the package in Xenial and Yakkety. There is already a fix uploaded to proposed that needs to migrate to yakkety-release, but xenial-security needs this fix ASAP. Here is what the CVE states:
KDE Project Security Advisory
=======
Title: kdesu: Displayed command truncated by unicode string terminator
Risk Rating: Important
CVE: CVE-2016-7787
Versions: kde-cli-tools < 5.7.5
Author: Albert Astals Cid <email address hidden>
Date: 30 September 2016
Overview
========
A maliciously crafted command line for kdesu can result in the user
only seeing part of the commands that will actually get executed as super user.
Impact
======
Users can unwillingly run commands as root.
Workaround
==========
Users should be careful when running kdesu with a command line they have not written themselves.
Solution
========
kde-cli-tools 5.7.5, released as part of KDE Plasma does not allow the
execution of commands with such characters.
Alternatively, commit 5eda179a099ba68
can be applied to previous releases.
Thanks to Fabian Vogt for reporting this issue.
Thanks to Martin Sandsmark for fixing this issue.
Here is a link: https:/
Attached is a diff that can be uploaded to xenial-security. Please let me know if any corrections need to be made as this is my first time doing this.
CVE References
information type: | Private Security → Public Security |
Changed in kde-cli-tools (Ubuntu): | |
assignee: | nobody → Simon Quigley (tsimonq2) |
status: | New → In Progress |
Thanks Simon, the patch looks good; I changed the debian/changelog to match our usual style:
* SECURITY UPDATE: kdesu may show a different string than it would execute patches/ 01-patch- kde-CVE- 2016-7787. diff
with elevated privileges. (LP: #1629145)
- debian/
- CVE-2016-7787
https:/ /wiki.ubuntu. com/SecurityTea m/UpdatePrepara tion#Update_ the_packaging
Can you confirm that you've built and tested this package?
Thanks