{"id":"CVE-2017-8422","details":"KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.","modified":"2026-04-02T00:26:40.614895Z","published":"2017-05-17T14:29:00.387Z","related":["MGASA-2017-0274","SUSE-SU-2017:1335-1","openSUSE-SU-2017:1254-1","openSUSE-SU-2017:1272-1","openSUSE-SU-2024:10887-1"],"references":[{"type":"WEB","url":"http://www.securitytracker.com/id/1038480"},{"type":"WEB","url":"https://www.exploit-db.com/exploits/42053/"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3849"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2017/05/10/3"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/98412"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201706-29"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1264"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1449647"},{"type":"FIX","url":"https://www.kde.org/info/security/advisory-20170510-1.txt"},{"type":"FIX","url":"https://cgit.kde.org/kauth.git/commit/?id=df875f725293af53399f5146362eb158b4f9216a"},{"type":"FIX","url":"https://cgit.kde.org/kdelibs.git/commit/?id=264e97625abe2e0334f97de17f6ffb52582888ab"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kde/kauth","events":[{"introduced":"0"},{"last_affected":"213cbb0ccd23a2114e688d51f3c3867cf37ef8ee"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"5.33"}]}},{"type":"GIT","repo":"https://github.com/kde/kdelibs","events":[{"introduced":"0"},{"last_affected":"d9213d0c2de17f60c57e1e216313963d613b9e16"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.14.31"}]}}],"versions":["KDE/4.8.97","enterprise35.0.20110211.155922","enterprise35.0.20110218.170407","enterprise35.0.20110303.20014","enterprise35.0.20110314.131108","enterprise35.0.20110316.220420","enterprise35.0.20110318.191018","enterprise35.0.20110321.194025","enterprise35.0.20110325.142558","enterprise35.0.20110401.164849","enterprise35.0.20110527.160956","enterprise35.0.20110603.125843","enterprise35.0.20110624.123358","enterprise35.0.20110627.140115","enterprise35.0.20110715.131545","enterprise35.0.20110718.02742","enterprise35.0.20110729.151928","enterprise35.0.20110815.125655","enterprise35.0.20110817.170530","enterprise35.0.20110819.140807","enterprise35.0.20110825.155432","enterprise35.0.20110909.200128","enterprise35.0.20111005.161249","enterprise35.0.20111021.181743","enterprise35.0.20111029.163156","enterprise35.0.20111106.211749","enterprise35.0.20120104.05843","enterprise35.0.20120106.160131","enterprise35.0.20120112.02118","enterprise35.0.20120114.153205","enterprise35.0.20120122.155053","enterprise35.0.20120123.175258","enterprise35.0.20120127.192549","enterprise35.0.20120203.142236","enterprise35.0.20120224.181852","enterprise35.0.20120229.153614","enterprise35.0.20120316.192800","enterprise35.0.20120322.163621","enterprise35.0.20120507.195819","enterprise35.0.20120531.165959","enterprise35.0.20120608.170625","enterprise35.0.20120622.152333","enterprise35.0.20120622.152644","enterprise35.0.20120720.153456","enterprise35.0.20120727.154134","enterprise35.0.20120803.153845","enterprise35.0.20120810.152201","enterprise35.0.20121019.155751","enterprise35.0.20121116.190457","enterprise35.0.20130410.215330","enterprise35.0.20130718.103214","enterprise35.0.20130718.103514","enterprise35.0.20130718.104434","plasma2tp","plugin.ready","v1.1.0","v1.1.1","v1.1.2","v2.0.0","v2.0.1","v2.1.0","v2.1.1","v2.1.2","v2.2.0","v2.2.1","v2.2.2","v3.0.0","v3.0.1","v3.0.2","v3.0.3","v3.0.4","v3.0.5","v3.0.5a","v3.1.0","v3.1.1","v3.1.2","v3.1.3","v3.1.4","v3.1.5","v3.2.0","v3.2.1","v3.2.2","v3.2.3","v3.3.0","v3.3.1","v3.3.2","v3.4.0","v3.4.0-beta1","v3.4.0-beta2","v3.4.1","v3.4.2","v3.4.3","v3.4.90","v3.4.91","v3.4.92","v3.5.0","v3.5.1","v3.5.10","v3.5.2","v3.5.3","v3.5.4","v3.5.5","v3.5.6","v3.5.7","v3.5.8","v3.5.9","v3.80.2","v3.80.3","v3.90.1","v3.91","v3.92","v3.93","v3.94","v3.95","v3.96","v3.97","v4.0.0","v4.0.1","v4.0.2","v4.0.3","v4.0.4","v4.0.5","v4.0.71","v4.0.80","v4.0.83","v4.0.98","v4.1.0","v4.1.1","v4.1.2","v4.1.3","v4.1.4","v4.1.80","v4.1.85","v4.1.96","v4.10.0","v4.10.1","v4.10.2","v4.10.3","v4.10.4","v4.10.5","v4.10.80","v4.10.90","v4.10.95","v4.10.97","v4.100.0-rc1","v4.100.0-rc2","v4.11.0","v4.11.1","v4.11.2","v4.11.3","v4.11.4","v4.11.5","v4.11.80","v4.11.90","v4.11.95","v4.11.97","v4.12.0","v4.12.1","v4.12.2","v4.12.3","v4.12.4","v4.12.5","v4.12.80","v4.12.90","v4.12.95","v4.12.97","v4.13.0","v4.13.1","v4.13.2","v4.13.3","v4.13.80","v4.13.90","v4.13.95","v4.13.97","v4.14.0","v4.14.1","v4.14.10","v4.14.11","v4.14.12","v4.14.13","v4.14.14","v4.14.15","v4.14.16","v4.14.17","v4.14.18","v4.14.19","v4.14.2","v4.14.20","v4.14.21","v4.14.22","v4.14.23","v4.14.24","v4.14.25","v4.14.26","v4.14.27","v4.14.28","v4.14.29","v4.14.3","v4.14.30","v4.14.31","v4.14.4","v4.14.5","v4.14.6","v4.14.7","v4.14.8","v4.14.9","v4.2.0","v4.2.1","v4.2.2","v4.2.3","v4.2.4","v4.2.85","v4.2.90","v4.2.95","v4.2.96","v4.2.98","v4.3.0","v4.3.1","v4.3.2","v4.3.3","v4.3.4","v4.3.5","v4.3.80","v4.3.85","v4.3.90","v4.3.95","v4.3.98","v4.4.0","v4.4.1","v4.4.2","v4.4.3","v4.4.4","v4.4.5","v4.4.80","v4.4.85","v4.4.90","v4.4.92","v4.4.95","v4.5.0","v4.5.1","v4.5.2","v4.5.3","v4.5.3-test","v4.5.4","v4.5.5","v4.5.80","v4.5.85","v4.5.90","v4.5.95","v4.6.0","v4.6.1","v4.6.2","v4.6.3","v4.6.4","v4.6.5","v4.6.90","v4.6.95","v4.7.0","v4.7.1","v4.7.2","v4.7.3","v4.7.4","v4.7.95","v4.7.97","v4.8.0","v4.8.1","v4.8.2","v4.8.3","v4.8.4","v4.8.5","v4.8.80","v4.8.90","v4.8.95","v4.8.97","v4.9.0","v4.9.1","v4.9.2","v4.9.3","v4.9.4","v4.9.5","v4.9.80","v4.9.90","v4.9.95","v4.9.97","v4.9.98","v4.95.0","v4.96.0","v4.97.0","v4.98.0","v4.99.0-rc1","v4.99.0-rc3","v5.0.0","v5.0.0-rc1","v5.1.0","v5.1.0-rc1","v5.10.0","v5.10.0-rc1","v5.100.0","v5.100.0-rc1","v5.101.0","v5.101.0-rc1","v5.102.0","v5.102.0-rc1","v5.103.0","v5.103.0-rc1","v5.104.0","v5.104.0-rc1","v5.105.0","v5.105.0-rc1","v5.106.0","v5.106.0-rc1","v5.107.0","v5.107.0-rc1","v5.108.0","v5.108.0-rc1","v5.109.0","v5.109.0-rc1","v5.11.0","v5.11.0-rc1","v5.110.0","v5.110.0-rc1","v5.111.0","v5.111.0-rc1","v5.112.0","v5.112.0-rc1","v5.113.0","v5.113.0-rc1","v5.114.0","v5.114.0-rc1","v5.115.0","v5.115.0-rc1","v5.116.0","v5.116.0-rc1","v5.12.0","v5.12.0-rc1","v5.13.0","v5.13.0-rc1","v5.14.0","v5.14.0-rc1","v5.15.0","v5.15.0-rc1","v5.16.0","v5.16.0-rc1","v5.17.0","v5.17.0-rc1","v5.18.0","v5.18.0-rc1","v5.19.0","v5.19.0-rc1","v5.2.0","v5.2.0-rc1","v5.20.0","v5.20.0-rc1","v5.21.0","v5.21.0-rc1","v5.21.0-rc2","v5.22.0","v5.22.0-rc1","v5.23.0","v5.23.0-rc1","v5.24.0","v5.24.0-rc1","v5.245.0","v5.246.0","v5.247.0","v5.248.0","v5.249.0","v5.25.0","v5.25.0-rc1","v5.26.0","v5.26.0-rc1","v5.26.0-rc2","v5.27.0","v5.27.0-rc1","v5.28.0","v5.28.0-rc1","v5.29.0","v5.29.0-rc1","v5.3.0","v5.3.0-rc1","v5.30.0","v5.30.0-rc1","v5.30.0-rc2","v5.31.0","v5.31.0-rc1","v5.32.0","v5.32.0-rc1","v5.33.0","v5.33.0-rc1","v5.34.0","v5.34.0-rc1","v5.34.0-rc2","v5.35.0","v5.35.0-rc1","v5.36.0","v5.36.0-rc1","v5.37.0","v5.37.0-rc1","v5.38.0","v5.38.0-rc1","v5.39.0","v5.39.0-rc1","v5.4.0","v5.4.0-rc1","v5.40.0","v5.40.0-rc1","v5.41.0","v5.41.0-rc1","v5.42.0","v5.42.0-rc1","v5.43.0","v5.43.0-rc1","v5.44.0","v5.44.0-rc1","v5.45.0","v5.45.0-rc1","v5.46.0","v5.46.0-rc1","v5.47.0","v5.47.0-rc1","v5.48.0","v5.48.0-rc1","v5.49.0","v5.49.0-rc1","v5.5.0","v5.5.0-rc1","v5.50.0","v5.50.0-rc1","v5.51.0","v5.51.0-rc1","v5.52.0","v5.52.0-rc1","v5.53.0","v5.53.0-rc1","v5.54.0","v5.54.0-rc1","v5.55.0","v5.55.0-rc1","v5.56.0","v5.56.0-rc1","v5.57.0","v5.57.0-rc1","v5.58.0","v5.58.0-rc1","v5.59.0","v5.59.0-rc1","v5.6.0","v5.6.0-rc1","v5.60.0","v5.60.0-rc1","v5.61.0","v5.61.0-rc1","v5.62.0","v5.62.0-rc1","v5.63.0","v5.63.0-rc1","v5.63.0-rc2","v5.64.0","v5.64.0-rc1","v5.65.0","v5.65.0-rc1","v5.66.0","v5.66.0-rc1","v5.67.0","v5.67.0-rc1","v5.68.0","v5.68.0-rc1","v5.69.0","v5.69.0-rc1","v5.7.0","v5.7.0-rc1","v5.70.0","v5.70.0-rc1","v5.71.0","v5.71.0-rc1","v5.71.0-rc2","v5.71.0-rc3","v5.72.0","v5.72.0-rc1","v5.73.0","v5.73.0-rc1","v5.74.0","v5.74.0-rc1","v5.75.0","v5.75.0-rc1","v5.76.0","v5.76.0-rc1","v5.77.0","v5.77.0-rc1","v5.78.0","v5.78.0-rc1","v5.79.0","v5.79.0-rc1","v5.79.0-rc2","v5.8.0","v5.8.0-rc1","v5.80.0","v5.80.0-rc1","v5.81.0","v5.81.0-rc1","v5.81.0-rc2","v5.82.0","v5.82.0-rc1","v5.83.0","v5.83.0-rc1","v5.84.0","v5.84.0-rc1","v5.85.0","v5.85.0-rc1","v5.86.0","v5.86.0-rc1","v5.87.0","v5.87.0-rc1","v5.88.0","v5.88.0-rc1","v5.89.0","v5.89.0-rc1","v5.9.0","v5.9.0-rc1","v5.90.0","v5.90.0-rc1","v5.91.0","v5.91.0-rc1","v5.92.0","v5.92.0-rc1","v5.93.0","v5.93.0-rc1","v5.94.0","v5.94.0-rc1","v5.94.0-rc2","v5.94.0-rc3","v5.95.0","v5.95.0-rc1","v5.96.0","v5.96.0-rc1","v5.97.0","v5.97.0-rc1","v5.98.0","v5.98.0-rc1","v5.99.0","v5.99.0-rc1","v6.0.0","v6.1.0","v6.10.0","v6.10.0-rc1","v6.11.0","v6.11.0-rc1","v6.12.0","v6.12.0-rc1","v6.13.0","v6.13.0-rc1","v6.14.0","v6.14.0-rc1","v6.15.0","v6.15.0-rc1","v6.16.0","v6.16.0-rc1","v6.17.0","v6.17.0-rc1","v6.18.0","v6.18.0-rc1","v6.19.0","v6.19.0-rc1","v6.2.0","v6.20.0","v6.20.0-rc1","v6.21.0","v6.21.0-rc1","v6.22.0","v6.22.0-rc1","v6.23.0","v6.23.0-rc1","v6.24.0","v6.24.0-rc1","v6.3.0","v6.3.0-rc1","v6.4.0","v6.4.0-rc1","v6.5.0","v6.5.0-rc1","v6.6.0","v6.6.0-rc1","v6.7.0","v6.7.0-rc1","v6.8.0","v6.8.0-rc1","v6.9.0","v6.9.0-rc1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-8422.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}