dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 through 15.3, runs with root privileges and hardly does anything to identify the user who calls the function through D-Bus. Anybody can change the grub config, even to append some arguments to make a backdoor or privilege escalation, by calling DoWriteGrubSettings() provided by dde-daemon.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HDeepin Desktop Environment
APPDeepin15.015.115.215.3
Powiązane podatności
Path traversal w Deepin-Compressor umożliwiający zdalne wykonanie kodu
RCE w Deepin Reader poprzez path traversal w plikach DOCX
deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/<block-dev-basename> in the Helper:...
In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, an...
deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix() function to download an ISO...