KSmserver Product Security Update Advisory (CVE-2024-36041)

Jul 10 2024

Overview

An update has been made available to address a vulnerability in the KSmserver product. Users of affected versions are advised to update to the latest version.

Affected Products

KSmserver plasma-workspace version: ~ 5.27.11.1 (excluded)
KSmserver plasma-workspace versions: 6.0.0.0 (inclusive) ~ 6.0.5.1 (excluded)

Resolved Vulnerabilities

Vulnerability that allows host-based ICE connections, allowing session management access and arbitrary code execution by other users on the same device (CVE-2024-36041)

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

KSmserver plasma-workspace version: 5.27.11.1
KSmserver plasma-workspace version: 6.0.5.1

Referenced Sites

[1] CVE-2024-36041 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-36041

[2] ksmserver: Unauthorized users can access session manager

https://kde.org/info/security/advisory-20240531-1.txt

KSmserver Product Security Update Advisory (CVE-2024-36041)

Apache HTTP Server Security Update Advisory (CVE-2024-39884)

WhatsUp Gold product security update advisory

Tags:

Apache HTTP Server Security Update Advisory (CVE-2024-39884)

WhatsUp Gold product security update advisory