CVE-2024-36041 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2024-36041 Interim 1 9 2025-02-16T01:12:53Z current 2024-05-31T23:09:53Z 2025-02-16T01:12:53Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2024-36041 KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the session-restore feature to execute arbitrary code as the victim (on the next boot) via earlier use of the /tmp directory. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VXFL4FV75KKEUKXI3LJ5OTFGTIP4IVYA/ E-Mail link for openSUSE-SU-2024:0161-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Package Hub 15 SP5 SUSE Package Hub 15 SP6 openSUSE Leap 15.5 openSUSE Leap 15.6 openSUSE Tumbleweed gmenudbusmenuproxy-5.27.11-bp156.3.3.1 gmenudbusmenuproxy-5.27.9-bp155.2.6.1 plasma5-session-5.27.11-bp156.3.3.1 plasma5-session-5.27.9-bp155.2.6.1 plasma5-session-wayland-5.27.11-bp156.3.3.1 plasma5-session-wayland-5.27.9-bp155.2.6.1 plasma5-workspace-5.27.11-bp156.3.3.1 plasma5-workspace-5.27.9-bp155.2.6.1 plasma5-workspace-devel-5.27.11-bp156.3.3.1 plasma5-workspace-devel-5.27.9-bp155.2.6.1 plasma5-workspace-lang-5.27.11-bp156.3.3.1 plasma5-workspace-lang-5.27.9-bp155.2.6.1 plasma5-workspace-libs-5.27.11-bp156.3.3.1 plasma5-workspace-libs-5.27.9-bp155.2.6.1 plasma6-session-6.0.5-2.1 plasma6-session-x11-6.0.5-2.1 plasma6-workspace-6.0.5-2.1 plasma6-workspace-devel-6.0.5-2.1 plasma6-workspace-lang-6.0.5-2.1 plasma6-workspace-libs-6.0.5-2.1 sddm-qt6-branding-openSUSE-6.0.5-2.1 xembedsniproxy-5.27.11-bp156.3.3.1 xembedsniproxy-5.27.9-bp155.2.6.1 gmenudbusmenuproxy-5.27.9-bp155.2.6.1 as a component of SUSE Package Hub 15 SP5 plasma5-session-5.27.9-bp155.2.6.1 as a component of SUSE Package Hub 15 SP5 plasma5-session-wayland-5.27.9-bp155.2.6.1 as a component of SUSE Package Hub 15 SP5 plasma5-workspace-5.27.9-bp155.2.6.1 as a component of SUSE Package Hub 15 SP5 plasma5-workspace-devel-5.27.9-bp155.2.6.1 as a component of SUSE Package Hub 15 SP5 plasma5-workspace-lang-5.27.9-bp155.2.6.1 as a component of SUSE Package Hub 15 SP5 plasma5-workspace-libs-5.27.9-bp155.2.6.1 as a component of SUSE Package Hub 15 SP5 xembedsniproxy-5.27.9-bp155.2.6.1 as a component of SUSE Package Hub 15 SP5 gmenudbusmenuproxy-5.27.11-bp156.3.3.1 as a component of SUSE Package Hub 15 SP6 plasma5-session-5.27.11-bp156.3.3.1 as a component of SUSE Package Hub 15 SP6 plasma5-session-wayland-5.27.11-bp156.3.3.1 as a component of SUSE Package Hub 15 SP6 plasma5-workspace-5.27.11-bp156.3.3.1 as a component of SUSE Package Hub 15 SP6 plasma5-workspace-devel-5.27.11-bp156.3.3.1 as a component of SUSE Package Hub 15 SP6 plasma5-workspace-lang-5.27.11-bp156.3.3.1 as a component of SUSE Package Hub 15 SP6 plasma5-workspace-libs-5.27.11-bp156.3.3.1 as a component of SUSE Package Hub 15 SP6 xembedsniproxy-5.27.11-bp156.3.3.1 as a component of SUSE Package Hub 15 SP6 gmenudbusmenuproxy-5.27.9-bp155.2.6.1 as a component of openSUSE Leap 15.5 plasma5-session-5.27.9-bp155.2.6.1 as a component of openSUSE Leap 15.5 plasma5-session-wayland-5.27.9-bp155.2.6.1 as a component of openSUSE Leap 15.5 plasma5-workspace-5.27.9-bp155.2.6.1 as a component of openSUSE Leap 15.5 plasma5-workspace-devel-5.27.9-bp155.2.6.1 as a component of openSUSE Leap 15.5 plasma5-workspace-lang-5.27.9-bp155.2.6.1 as a component of openSUSE Leap 15.5 plasma5-workspace-libs-5.27.9-bp155.2.6.1 as a component of openSUSE Leap 15.5 xembedsniproxy-5.27.9-bp155.2.6.1 as a component of openSUSE Leap 15.5 gmenudbusmenuproxy-5.27.11-bp156.3.3.1 as a component of openSUSE Leap 15.6 plasma5-session-5.27.11-bp156.3.3.1 as a component of openSUSE Leap 15.6 plasma5-session-wayland-5.27.11-bp156.3.3.1 as a component of openSUSE Leap 15.6 plasma5-workspace-5.27.11-bp156.3.3.1 as a component of openSUSE Leap 15.6 plasma5-workspace-devel-5.27.11-bp156.3.3.1 as a component of openSUSE Leap 15.6 plasma5-workspace-lang-5.27.11-bp156.3.3.1 as a component of openSUSE Leap 15.6 plasma5-workspace-libs-5.27.11-bp156.3.3.1 as a component of openSUSE Leap 15.6 xembedsniproxy-5.27.11-bp156.3.3.1 as a component of openSUSE Leap 15.6 plasma6-session-6.0.5-2.1 as a component of openSUSE Tumbleweed plasma6-session-x11-6.0.5-2.1 as a component of openSUSE Tumbleweed plasma6-workspace-6.0.5-2.1 as a component of openSUSE Tumbleweed plasma6-workspace-devel-6.0.5-2.1 as a component of openSUSE Tumbleweed plasma6-workspace-lang-6.0.5-2.1 as a component of openSUSE Tumbleweed plasma6-workspace-libs-6.0.5-2.1 as a component of openSUSE Tumbleweed sddm-qt6-branding-openSUSE-6.0.5-2.1 as a component of openSUSE Tumbleweed KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the session-restore feature to execute arbitrary code as the victim (on the next boot) via earlier use of the /tmp directory. CVE-2024-36041 SUSE Package Hub 15 SP5:gmenudbusmenuproxy-5.27.9-bp155.2.6.1 SUSE Package Hub 15 SP5:plasma5-session-5.27.9-bp155.2.6.1 SUSE Package Hub 15 SP5:plasma5-session-wayland-5.27.9-bp155.2.6.1 SUSE Package Hub 15 SP5:plasma5-workspace-5.27.9-bp155.2.6.1 SUSE Package Hub 15 SP5:plasma5-workspace-devel-5.27.9-bp155.2.6.1 SUSE Package Hub 15 SP5:plasma5-workspace-lang-5.27.9-bp155.2.6.1 SUSE Package Hub 15 SP5:plasma5-workspace-libs-5.27.9-bp155.2.6.1 SUSE Package Hub 15 SP5:xembedsniproxy-5.27.9-bp155.2.6.1 SUSE Package Hub 15 SP6:gmenudbusmenuproxy-5.27.11-bp156.3.3.1 SUSE Package Hub 15 SP6:plasma5-session-5.27.11-bp156.3.3.1 SUSE Package Hub 15 SP6:plasma5-session-wayland-5.27.11-bp156.3.3.1 SUSE Package Hub 15 SP6:plasma5-workspace-5.27.11-bp156.3.3.1 SUSE Package Hub 15 SP6:plasma5-workspace-devel-5.27.11-bp156.3.3.1 SUSE Package Hub 15 SP6:plasma5-workspace-lang-5.27.11-bp156.3.3.1 SUSE Package Hub 15 SP6:plasma5-workspace-libs-5.27.11-bp156.3.3.1 SUSE Package Hub 15 SP6:xembedsniproxy-5.27.11-bp156.3.3.1 openSUSE Leap 15.5:gmenudbusmenuproxy-5.27.9-bp155.2.6.1 openSUSE Leap 15.5:plasma5-session-5.27.9-bp155.2.6.1 openSUSE Leap 15.5:plasma5-session-wayland-5.27.9-bp155.2.6.1 openSUSE Leap 15.5:plasma5-workspace-5.27.9-bp155.2.6.1 openSUSE Leap 15.5:plasma5-workspace-devel-5.27.9-bp155.2.6.1 openSUSE Leap 15.5:plasma5-workspace-lang-5.27.9-bp155.2.6.1 openSUSE Leap 15.5:plasma5-workspace-libs-5.27.9-bp155.2.6.1 openSUSE Leap 15.5:xembedsniproxy-5.27.9-bp155.2.6.1 openSUSE Leap 15.6:gmenudbusmenuproxy-5.27.11-bp156.3.3.1 openSUSE Leap 15.6:plasma5-session-5.27.11-bp156.3.3.1 openSUSE Leap 15.6:plasma5-session-wayland-5.27.11-bp156.3.3.1 openSUSE Leap 15.6:plasma5-workspace-5.27.11-bp156.3.3.1 openSUSE Leap 15.6:plasma5-workspace-devel-5.27.11-bp156.3.3.1 openSUSE Leap 15.6:plasma5-workspace-lang-5.27.11-bp156.3.3.1 openSUSE Leap 15.6:plasma5-workspace-libs-5.27.11-bp156.3.3.1 openSUSE Leap 15.6:xembedsniproxy-5.27.11-bp156.3.3.1 openSUSE Tumbleweed:plasma6-session-6.0.5-2.1 openSUSE Tumbleweed:plasma6-session-x11-6.0.5-2.1 openSUSE Tumbleweed:plasma6-workspace-6.0.5-2.1 openSUSE Tumbleweed:plasma6-workspace-devel-6.0.5-2.1 openSUSE Tumbleweed:plasma6-workspace-lang-6.0.5-2.1 openSUSE Tumbleweed:plasma6-workspace-libs-6.0.5-2.1 openSUSE Tumbleweed:sddm-qt6-branding-openSUSE-6.0.5-2.1 important 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H