ALT-PU-2022-7476-1
Package kdiskmark updated to version 3.1.2-alt1 for branch sisyphus_e2k.
Closed vulnerabilities
Published: 2022-09-14
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-40673
KDiskMark before 3.1.0 lacks authorization checking for D-Bus methods such as Helper::flushPageCache.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- http://www.openwall.com/lists/oss-security/2022/09/14/1
- https://github.com/JonMagon/KDiskMark/commit/3c90083a4f5ba3f240a797e509d818221542bbdc
- https://github.com/JonMagon/KDiskMark/compare/3.0.0...3.1.0
- https://github.com/JonMagon/KDiskMark/releases/tag/3.1.0
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YYO3GWTNPHNCLHSI562Q3KX43PW7FQ4Q/
- http://www.openwall.com/lists/oss-security/2022/09/14/1
- https://github.com/JonMagon/KDiskMark/commit/3c90083a4f5ba3f240a797e509d818221542bbdc
- https://github.com/JonMagon/KDiskMark/compare/3.0.0...3.1.0
- https://github.com/JonMagon/KDiskMark/releases/tag/3.1.0
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YYO3GWTNPHNCLHSI562Q3KX43PW7FQ4Q/