CVE-2020-27187

Name of the Vulnerable Software and Affected Versions KDE Partition Manager versions 4.1.0 through 4.1.x

Description A logic flaw exists in the kpmcore externalcommand helper of KDE Partition Manager, where the service invoking D-Bus is not properly checked. This allows an attacker on the local machine to replace /etc/fstab and execute mount and other partitioning related commands while KDE Partition Manager is running, potentially leading to the gain of full root privileges.

Recommendations For versions 4.1.0 through 4.1.x, update to version 4.2.0 or later to resolve the issue.