Main Vulnerability Database SB2015012612

SB2015012612 - Privilege escalation in Midgard2

Published: January 26, 2015 Updated: November 27, 2025

Security Bulletin ID SB2015012612

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2014-8148)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the default D-Bus access control rule allows to sent arbitrary method calls or signals to any process on the system bus. A local user can execute arbitrary code as root.

Remediation

Install update from vendor's website.

References

http://lists.opensuse.org/opensuse-updates/2015-01/msg00051.html
http://lists.opensuse.org/opensuse-updates/2015-02/msg00066.html
http://www.openwall.com/lists/oss-security/2015/01/05/2