CVE-2014-7272

Name of the Vulnerable Software and Affected Versions Simple Desktop Display Manager (SDDM) versions prior to 0.10.0

Description The issue allows local users to gain root privileges due to code running as root performing write operations within a user's home directory. This can be exploited if the user has created links in advance, and in some cases, requires winning a race condition in the ~/.Xauthority chown case. The vulnerability is related to insufficient access control.

Recommendations For versions prior to 0.10.0, update to version 0.10.0 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive directories and files within the user's home directory to minimize the risk of exploitation.