MGASA-2020-0412

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2020-0412.html

Import Source

https://advisories.mageia.org/MGASA-2020-0412.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2020-0412

Related

CVE-2020-28049

Published

2020-11-10T15:20:00Z

Modified

2020-11-10T13:39:53Z

Summary

Updated sddm package fixes a security vulnerability

Details

Fabian Vogt discovered a flaw in sddm before 0.19.0. A local attacker can take advantage of a race condition when creating the Xauthority file to escalate privileges (CVE-2020-28049).

References

https://advisories.mageia.org/MGASA-2020-0412.html
https://bugs.mageia.org/show_bug.cgi?id=27565
https://www.debian.org/security/2020/dsa-4783
https://www.openwall.com/lists/oss-security/2020/11/04/2

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2020-0412

Affected packages