cpe:/a:kde:kauth:5.33 cpe:/a:kde:kdelibs:4.14.31 CVE-2017-8422 2017-05-17T10:29:00.387-04:00 2019-10-02T20:03:26.223-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov SECTRACK 1038480 EXPLOIT-DB 42053 BID 98412 DEBIAN DSA-3849 GENTOO GLSA-201706-29 REDHAT RHSA-2017:1264 MLIST [oss-security] 20170510 generic kde LPE CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1449647 CONFIRM https://cgit.kde.org/kauth.git/commit/?id=df875f725293af53399f5146362eb158b4f9216a CONFIRM https://cgit.kde.org/kdelibs.git/commit/?id=264e97625abe2e0334f97de17f6ffb52582888ab CONFIRM https://www.kde.org/info/security/advisory-20170510-1.txt KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.