{"id":"CVE-2017-8849","details":"smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service.","modified":"2026-04-16T06:16:47.294268742Z","published":"2017-05-17T14:29:00.433Z","related":["openSUSE-SU-2026:10370-1"],"references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/98737"},{"type":"ADVISORY","url":"https://www.kde.org/info/security/advisory-20170510-2.txt"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3951"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/98690"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201705-14"},{"type":"FIX","url":"https://cgit.kde.org/smb4k.git/commit/?id=71554140bdaede27b95dbe4c9b5a028a83c83cce"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2017/05/10/3"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1449656"},{"type":"FIX","url":"https://cgit.kde.org/smb4k.git/commit/?id=a90289b0962663bc1d247bbbd31b9e65b2ca000e"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/42053/"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2.0.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-8849.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}