Smb4K: Arbitrary command execution as root — GLSA 201705-14

A vulnerability in Smb4K could allow local attackers to execute commands as root.

Affected packages

net-misc/smb4k on all architectures
Affected versions < 1.2.3-r1
Unaffected versions >= 1.2.3-r1

Background

Smb4K is an SMB/CIFS (Windows) share browser for KDE.

Description

Smb4K contains a logic flaw in which the mount helper binary does not properly verify the mount command it is being asked to run.

Impact

A local user can execute commands with root privileges because the mount helper is installed setuid root.
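The Description and Impact sections name the class of defect: a setuid root helper that runs a mount command it was handed without verifying it. The following C sketch is added here as an illustration of the check such a helper needs; it is not Smb4K's own code and does not reflect the actual fix. It requires an exact allowlist match on the absolute command path (no basename comparison, no PATH lookup), checks that the share looks like a UNC path and that the mount point is absolute and free of "..", and then runs the request with execv and no shell. The allowlist paths, the argument layout (command, share, mount point, options) and the sample request are assumptions for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Assumed allowlist for this example: the only binaries the helper may run,
 * by absolute path. Not Smb4K's actual configuration. */
static const char *const ALLOWED_COMMANDS[] = {
    "/sbin/mount.cifs",
    "/sbin/mount.smb3",
};
#define N_ALLOWED (sizeof ALLOWED_COMMANDS / sizeof ALLOWED_COMMANDS[0])

/* Return 1 when path is absolute and contains no ".." component, else 0. */
static int is_safe_mountpoint(const char *path) {
    if (path == NULL || path[0] != '/') return 0;
    if (strstr(path, "/../") != NULL) return 0;
    size_t n = strlen(path);
    if (n >= 3 && strcmp(path + n - 3, "/..") == 0) return 0;
    return 1;
}

/* Verify a mount request before the privileged helper runs it.
 * Assumed layout: argv[0] command, argv[1] share (//server/share),
 * argv[2] mount point, remaining entries options.
 * Returns 1 if the request is acceptable, 0 if it must be refused. */
int verify_mount_request(int argc, char *const argv[]) {
    if (argv == NULL || argc < 3) return 0;
    for (int i = 0; i < argc; i++) {
        if (argv[i] == NULL || argv[i][0] == '\0') return 0;
    }
    /* Exact match on the absolute path: a same-named binary elsewhere,
     * or a name that would be resolved through PATH, is rejected. */
    int cmd_ok = 0;
    for (size_t i = 0; i < N_ALLOWED; i++) {
        if (strcmp(argv[0], ALLOWED_COMMANDS[i]) == 0) { cmd_ok = 1; break; }
    }
    if (!cmd_ok) return 0;
    /* The share must be a UNC-style remote path, not a local file. */
    if (strncmp(argv[1], "//", 2) != 0) return 0;
    if (!is_safe_mountpoint(argv[2])) return 0;
    return 1;
}

/* Run a verified request. execv passes argv verbatim with no shell, so no
 * string is ever reinterpreted. Returns -1 if the request is refused or
 * execv fails; on success it does not return. */
int run_mount_request(int argc, char *const argv[]) {
    if (!verify_mount_request(argc, argv)) {
        fprintf(stderr, "mount helper: refusing request\n");
        return -1;
    }
    execv(argv[0], argv);
    perror("execv");
    return -1;
}

int main(void) {
    /* Constructed sample request; only verified here, never executed. */
    char *const req[] = { "/sbin/mount.cifs", "//fileserver/share",
                          "/home/user/smb4k/share", "-o", "ro", NULL };
    printf("request %s\n", verify_mount_request(5, req) ? "accepted" : "rejected");
    return 0;
}
```

The point of the example is the order of operations: the helper decides what it is willing to run before it ever touches the privileged execv path, and the decision is made on the exact string the caller supplied rather than on a derived form of it.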

Workaround

There is no known workaround at this time.

Resolution

All Smb4K users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-misc/smb4k-1.2.3-r1:4"

References

Release date
May 26, 2017

Latest revision
May 26, 2017: 2

Severity
normal

Exploitable
local

Bugzilla entries