https://bugs.kde.org/show_bug.cgi?id=498957

            Bug ID: 498957
           Summary: [CVE-2024-37408] Security attention for fingerprint
    Classification: Plasma
           Product: policykit-kde-agent-1
           Version: master
          Platform: Kubuntu
                OS: Linux
            Status: REPORTED
          Severity: major
          Priority: NOR
         Component: general
          Assignee: unassigned-b...@kde.org
          Reporter: sh.ya...@gmail.com
                CC: d...@kde.org, jgrul...@redhat.com, jrez...@redhat.com
  Target Milestone: ---

SUMMARY
When fingerprint is configured, launching pkexec will prompt for my
fingerprint. I can send this window to the background, which could serve an
attacker to do some malicious actions on my behalf.

STEPS TO REPRODUCE
(On a machine with fingerprint authentication configured)
1. Open a terminal
2. Run "pkexec whoami"
3. Observe the PolicyKit dialog
4. Send the dialog to the background
5. Tap the fingerprint reader

OBSERVED RESULT
The terminal will display root although the PolicyKit window wasn't even
focused.

EXPECTED RESULT
The fingerprint should be handled only when the PolicyKit dialog is focused and
in the front, otherwise the fingerprint should affect.

SOFTWARE/OS VERSIONS
Operating System: Kubuntu 24.10
KDE Plasma Version: 6.1.5
KDE Frameworks Version: 6.6.0
Qt Version: 6.6.2
Kernel Version: 6.11.0-13-generic (64-bit)
(Although irrelevant)

ADDITIONAL INFORMATION
The CVE is much wider but this is one of the ways to exploit this vulnerability
in KDE (Doesn't happen in GNOME).
