Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 1 articles for you...
89
security advisoryfedoraupdateFedora 44 kf6-kauth Update FEDORA-2026-fe3d8d4767 KDE Frameworks 6.25.0
Frameworks 6.25.0 + KDE Plasma 6.6.4. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-fe3d8d4767 2026-04-16 23:40:54.273526+00:00 -------------------------------------------------------------------------------- Name : kf6-kauth Product : Fedora 44 Version : 6.25.0 Release : 1.fc44 URL : https://invent.kde.org/frameworks/kauth Summary : KDE Frameworks 6 module to perform actions as privileged user Description : KDE Frameworks 6 module to perform actions as privileged user. -------------------------------------------------------------------------------- Update Information: Frameworks 6.25.0 + KDE Plasma 6.6.4 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 9 2026 Steve Cossette - 6.25.0-1 - 6.25.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2455469 - Configuring WifI network via Network pane appears to not work https://bugzilla.redhat.com/show_bug.cgi?id=2455469 [ 2 ] Bug #2457573 - FE: KDE Frameworks 6.25.0 + Plasma 6.6.4 https://bugzilla.redhat.com/show_bug.cgi?id=2457573 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-fe3d8d4767' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Apr 16, 2026
•Informational
Fedora
172
security advisorydenial of servicecritical vulnerabilityUbuntu 18.04 ESM USN-6035-1 Critical: KAuth Denial of Service
KAuth could be made to crash or run programs if it received specially crafted input.. =========================================================================Ubuntu Security Notice USN-6035-1 April 20, 2023 kauth vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 ESM - Ubuntu 16.04 ESM Summary: KAuth could be made to crash or run programs if it received specially crafted input. Software Description: - kauth: Abstraction to system policy and authentication features Details: It was discovered that KAuth incorrectly handled some configuration parameterswith specially crafted arbitrary types. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 ESM: libkf5auth-data 5.44.0-0ubuntu1+esm1 libkf5auth5 5.44.0-0ubuntu1+esm1 Ubuntu 16.04 ESM: libkf5auth-data 5.18.0-0ubuntu2+esm1 libkf5auth5 5.18.0-0ubuntu2+esm1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6035-1 CVE-2019-7443 . KAuth weakness in Ubuntu may lead to system instability or unauthorized code execution through specially designed inputs. Make sure to update immediately.. KAuth vulnerability, Ubuntu security, denial of service, software update. . Severity: Critical. LinuxSecurity.com Team
Apr 20, 2023
•Critical
Ubuntu
202
security advisorymoderateupdateopenSUSE: 2019:1277-1 Moderate: Kauth Insecure Argument Handling
An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for kauth ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1277-1 Rating: moderate References: #1124863 Cross-References: CVE-2019-7443 Affected Products: openSUSE Backports SLE-15 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for kauth fixes the following issues: Security issue fixed: - CVE-2019-7443: Fixed an insecure handling of arguments in helpers by removing the support of passing gui variants (bsc#1124863). This update was imported from the openSUSE:Leap:15.0:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15: zypper in -t patch openSUSE-2019-1277=1 Package List: - openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64): kauth-debugsource-5.45.0-bp150.8.2 kauth-devel-5.45.0-bp150.8.2 libKF5Auth5-5.45.0-bp150.8.2 libKF5Auth5-debuginfo-5.45.0-bp150.8.2 - openSUSE Backports SLE-15 (aarch64 ppc64le s390x): libpolkit-qt5-1-1-0.112.0-bp150.3.6.1 libpolkit-qt5-1-devel-0.112.0-bp150.3.6.1 - openSUSE Backports SLE-15 (aarch64_ilp32): kauth-devel-64bit-5.45.0-bp150.8.2 libKF5Auth5-64bit-5.45.0-bp150.8.2 libKF5Auth5-64bit-debuginfo-5.45.0-bp150.8.2 libpolkit-qt5-1-1-64bit-0.112.0-bp150.3.6.1 libpolkit-qt5-1-devel-64bit-0.112.0-bp150.3.6.1 - openSUSE Backports SLE-15 (noarch): libKF5Auth5-lang-5.45.0-bp150.8.2 - openSUSE Backports SLE-15 (x86_64): libpolkit-qt5-1-1-0.112.0-bp150.3.6.2 libpolkit-qt5-1-devel-0.112.0-bp150.3.6.2 References: https://www.suse.com/security/cve/CVE-2019-7443.html https://bugzilla.suse.com/1124863 -- . openSUSE Security Update: Security update for kauth ________________________________________________. update, security, fixes, vulnerability, opensuse. . LinuxSecurity.com Team
Apr 26, 2019
OpenSUSE
202
security advisorymoderatesecurity issueopenSUSE Security Update: 2019:1051-1 Addresses Moderate Kauth Flaw
An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for kauth ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1051-1 Rating: moderate References: #1124863 Cross-References: CVE-2019-7443 Affected Products: openSUSE Backports SLE-15 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for kauth fixes the following issues: Security issue fixed: - CVE-2019-7443: Fixed an insecure handling of arguments in helpers by removing the support of passing gui variants (bsc#1124863). This update was imported from the openSUSE:Leap:15.0:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15: zypper in -t patch openSUSE-2019-1051=1 Package List: - openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64): kauth-debugsource-5.32.0-bp150.3.10.1 kauth-devel-5.32.0-bp150.3.10.1 kcoreaddons-5.32.0-bp150.3.3.1 kcoreaddons-debugsource-5.32.0-bp150.3.3.1 kcoreaddons-devel-5.32.0-bp150.3.3.1 kcoreaddons-devel-debuginfo-5.32.0-bp150.3.3.1 libKF5Auth5-5.32.0-bp150.3.10.1 libKF5Auth5-debuginfo-5.32.0-bp150.3.10.1 libKF5CoreAddons5-5.32.0-bp150.3.3.1 libKF5CoreAddons5-debuginfo-5.32.0-bp150.3.3.1 libpolkit-qt5-1-1-0.112.0-bp150.3.3.1 libpolkit-qt5-1-devel-0.112.0-bp150.3.3.1 - openSUSE Backports SLE-15 (aarch64_ilp32): kauth-devel-64bit-5.32.0-bp150.3.10.1 kcoreaddons-devel-64bit-5.32.0-bp150.3.3.1 kcoreaddons-devel-64bit-debuginfo-5.32.0-bp150.3.3.1 libKF5Auth5-64bit-5.32.0-bp150.3.10.1 libKF5Auth5-64bit-debuginfo-5.32.0-bp150.3.10.1 libKF5CoreAddons5-64bit-5.32.0-bp150.3.3.1 libKF5CoreAddons5-64bit-debuginfo-5.32.0-bp150.3.3.1 libpolkit-qt5-1-1-64bit-0.112.0-bp150.3.3.1 libpolkit-qt5-1-devel-64bit-0.112.0-bp150.3.3.1 - openSUSE Backports SLE-15 (noarch): kcoreaddons-lang-5.32.0-bp150.3.3.1 libKF5Auth5-lang-5.32.0-bp150.3.10.1 References: https://www.suse.com/security/cve/CVE-2019-7443.html https://bugzilla.suse.com/1124863 -- . The recent kauth update addresses a medium-level vulnerability concerning the secure management of arguments within openSUSE.. openSUSE Backports, kauth security update, moderate threat. . LinuxSecurity.com Team
Mar 25, 2019
OpenSUSE
202
security advisorymoderateupdateopenSUSE: 2019:0242-1 Moderate: Kauth Security Issue Fix
An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for kauth ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:0242-1 Rating: moderate References: #1124863 Cross-References: CVE-2019-7443 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.0 openSUSE Backports SLE-15 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for kauth fixes the following issues: Security issue fixed: - CVE-2019-7443: Fixed an insecure handling of arguments in helpers by removing the support of passing gui variants (bsc#1124863). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2019-242=1 - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-242=1 - openSUSE Backports SLE-15: zypper in -t patch openSUSE-2019-242=1 Package List: - openSUSE Leap 42.3 (i586 x86_64): kauth-debugsource-5.32.0-3.3.1 kauth-devel-5.32.0-3.3.1 libKF5Auth5-5.32.0-3.3.1 libKF5Auth5-debuginfo-5.32.0-3.3.1 - openSUSE Leap 42.3 (x86_64): kauth-devel-32bit-5.32.0-3.3.1 libKF5Auth5-32bit-5.32.0-3.3.1 libKF5Auth5-debuginfo-32bit-5.32.0-3.3.1 - openSUSE Leap 42.3 (noarch): libKF5Auth5-lang-5.32.0-3.3.1 - openSUSE Leap 15.0 (i586 x86_64): kauth-debugsource-5.45.0-lp150.3.3.1 kauth-devel-5.45.0-lp150.3.3.1 libKF5Auth5-5.45.0-lp150.3.3.1 libKF5Auth5-debuginfo-5.45.0-lp150.3.3.1 - openSUSE Leap 15.0 (noarch): libKF5Auth5-lang-5.45.0-lp150.3.3.1 - openSUSE Leap 15.0 (x86_64): kauth-devel-32bit-5.45.0-lp150.3.3.1 libKF5Auth5-32bit-5.45.0-lp150.3.3.1 libKF5Auth5-32bit-debuginfo-5.45.0-lp150.3.3.1 - openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64): kauth-debugsource-5.45.0-bp150.3.3.1 kauth-devel-5.45.0-bp150.3.3.1 libKF5Auth5-5.45.0-bp150.3.3.1 libKF5Auth5-debuginfo-5.45.0-bp150.3.3.1 - openSUSE Backports SLE-15 (aarch64_ilp32): kauth-devel-64bit-5.45.0-bp150.3.3.1 libKF5Auth5-64bit-5.45.0-bp150.3.3.1 libKF5Auth5-64bit-debuginfo-5.45.0-bp150.3.3.1 - openSUSE Backports SLE-15 (noarch): libKF5Auth5-lang-5.45.0-bp150.3.3.1 References: https://www.suse.com/security/cve/CVE-2019-7443.html https://bugzilla.suse.com/1124863 -- . This Fedora upgrade resolves a medium concern in polkit, enhancing safe parameter processing.. openSUSE Security Update, kauth patch, software update, security enhancement. . LinuxSecurity.com Team
Feb 26, 2019
OpenSUSE
203
security advisorysecurity fixroot accessMageia 6 MGASA-2019-0083 Critical: KAuth DBus Image Handling Issue
KAuth allows to pass parameters with arbitrary types to helpers running as root over DBus. Certain types can cause crashes and trigger decoding arbitrary images with dynamically loaded plugins. References: . MGASA-2019-0083 - Updated kauth packages fix security vulnerability Publication date: 14 Feb 2019 URL: https://advisories.mageia.org/MGASA-2019-0083.html Type: security Affected Mageia releases: 6 KAuth allows to pass parameters with arbitrary types to helpers running as root over DBus. Certain types can cause crashes and trigger decoding arbitrary images with dynamically loaded plugins. References: - https://bugs.mageia.org/show_bug.cgi?id=24334 - https://kde.org/info/security/advisory-20190209-1.txt SRPMS: - 6/core/kauth-5.42.0-1.1.mga6 . MGASA-2019-0083 - Updated kauth packages fix security vulnerability Publication date: 14 Feb 2019 UR. kauth, allows, parameters, arbitrary, types, helpers, running, certain. . Severity: Critical. LinuxSecurity.com Team
Feb 14, 2019
•Critical
Mageia
91
security advisoryhigh severitygentooGentoo: GLSA-201706-29 High: KAuth and KDELibs Privilege Escalation
A vulnerability in KAuth and KDELibs allows local users to gain root privileges.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201706-29 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: KAuth and KDELibs: Privilege escalation Date: June 27, 2017 Bugs: #618108 ID: 201706-29 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= A vulnerability in KAuth and KDELibs allows local users to gain root privileges. Background ========= KAuth provides a convenient, system-integrated way to offload actions that need to be performed as a privileged user (root, for example) to small (hopefully secure) helper utilities. The KDE libraries, basis of KDE and used by many open source projects. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 kde-frameworks/kauth < 5.29.0-r1 > = 5.29.0-r1 2 kde-frameworks/kdelibs < 4.14.32 > = 4.14.32 ------------------------------------------------------------------- 2 affected packages Description ========== KAuth and KDELibs contains a logic flaw in which the service invoking D-Bus is not properly checked. This allows spoofing the identity of the caller and with some carefully crafted calls can lead to gaining root from an unprivileged account. Impact ===== A local attacker could spoof the identity of the caller invoking D-Bus, possibly resulting in gaining privileges. Workaround ========= There is no known workaround at this time. Resolution ========= All KAuth users should upgrade to the latestversion: # emerge --sync # emerge --ask --oneshot --verbose "> =kde-frameworks/kauth-5.29.0-r1" All KDELibs users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =kde-frameworks/kdelibs-4.14.32" References ========= [ 1 ] CVE-2017-8422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8422 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201706-29 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to
Jun 27, 2017
Gentoo
202
security advisoryprivilege escalationimportantopenSUSE Leap 42.2: openSUSE-SU-2017:1272-1 Important: KAuth Escalation
An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for kauth, kdelibs4 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:1272-1 Rating: important References: #1036244 Cross-References: CVE-2017-8422 Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for kauth and kdelibs4 fixes the following issues: - CVE-2017-8422: logic flaw in the KAuth framework allowed privilege escalation (boo#1036244). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-575=1 - openSUSE Leap 42.1: zypper in -t patch openSUSE-2017-575=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): kauth-debugsource-5.26.0-2.3.1 kauth-devel-5.26.0-2.3.1 kdelibs4-4.14.25-7.4.1 kdelibs4-branding-upstream-4.14.25-7.4.1 kdelibs4-core-4.14.25-7.4.1 kdelibs4-core-debuginfo-4.14.25-7.4.1 kdelibs4-debuginfo-4.14.25-7.4.1 kdelibs4-debugsource-4.14.25-7.4.1 kdelibs4-doc-4.14.25-7.4.1 kdelibs4-doc-debuginfo-4.14.25-7.4.1 libKF5Auth5-5.26.0-2.3.1 libKF5Auth5-debuginfo-5.26.0-2.3.1 libkde4-4.14.25-7.4.1 libkde4-debuginfo-4.14.25-7.4.1 libkde4-devel-4.14.25-7.4.1 libkdecore4-4.14.25-7.4.1 libkdecore4-debuginfo-4.14.25-7.4.1 libkdecore4-devel-4.14.25-7.4.1 libkdecore4-devel-debuginfo-4.14.25-7.4.1 libksuseinstall-devel-4.14.25-7.4.1 libksuseinstall1-4.14.25-7.4.1 libksuseinstall1-debuginfo-4.14.25-7.4.1 - openSUSE Leap 42.2 (x86_64): kauth-devel-32bit-5.26.0-2.3.1 libKF5Auth5-32bit-5.26.0-2.3.1 libKF5Auth5-debuginfo-32bit-5.26.0-2.3.1 libkde4-32bit-4.14.25-7.4.1 libkde4-debuginfo-32bit-4.14.25-7.4.1 libkdecore4-32bit-4.14.25-7.4.1 libkdecore4-debuginfo-32bit-4.14.25-7.4.1 libksuseinstall1-32bit-4.14.25-7.4.1 libksuseinstall1-debuginfo-32bit-4.14.25-7.4.1 - openSUSE Leap 42.2 (noarch): kdelibs4-apidocs-4.14.25-7.4.1 libKF5Auth5-lang-5.26.0-2.3.1 - openSUSE Leap 42.1 (i586 x86_64): kauth-debugsource-5.21.0-16.1 kauth-devel-5.21.0-16.1 kdelibs4-4.14.18-18.1 kdelibs4-branding-upstream-4.14.18-18.1 kdelibs4-core-4.14.18-18.1 kdelibs4-core-debuginfo-4.14.18-18.1 kdelibs4-debuginfo-4.14.18-18.1 kdelibs4-debugsource-4.14.18-18.1 kdelibs4-doc-4.14.18-18.1 kdelibs4-doc-debuginfo-4.14.18-18.1 libKF5Auth5-5.21.0-16.1 libKF5Auth5-debuginfo-5.21.0-16.1 libkde4-4.14.18-18.1 libkde4-debuginfo-4.14.18-18.1 libkde4-devel-4.14.18-18.1 libkdecore4-4.14.18-18.1 libkdecore4-debuginfo-4.14.18-18.1 libkdecore4-devel-4.14.18-18.1 libkdecore4-devel-debuginfo-4.14.18-18.1 libksuseinstall-devel-4.14.18-18.1 libksuseinstall1-4.14.18-18.1 libksuseinstall1-debuginfo-4.14.18-18.1 - openSUSE Leap 42.1 (noarch): kdelibs4-apidocs-4.14.18-18.1 libKF5Auth5-lang-5.21.0-16.1 - openSUSE Leap 42.1 (x86_64): kauth-devel-32bit-5.21.0-16.1 libKF5Auth5-32bit-5.21.0-16.1 libKF5Auth5-debuginfo-32bit-5.21.0-16.1 libkde4-32bit-4.14.18-18.1 libkde4-debuginfo-32bit-4.14.18-18.1 libkdecore4-32bit-4.14.18-18.1 libkdecore4-debuginfo-32bit-4.14.18-18.1 libksuseinstall1-32bit-4.14.18-18.1 libksuseinstall1-debuginfo-32bit-4.14.18-18.1 References: https://www.suse.com/security/cve/CVE-2017-8422.html https://bugzilla.suse.com/1036244 . Addresses a critical security flaw in openSUSE's kauth and kdelibs4 modules impacting releases 42.1 and 42.2.. openSUSE Update, Important Patch, Privilege Escalation. . Severity: Important. LinuxSecurity.com Team
May 15, 2017
•Important
OpenSUSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!