Privilege Escalation from lightdm Service User to root in KAuth Helper Service (CVE-2025-62876)
Privilege Escalation from lightdm Service User to root in KAuth Helper Service (CVE-2025-62876)
security.opensuse.org
lightdm-kde-greeter: Privilege Escalation from lightdm Service User to root in KAuth Helper Service (CVE-2025-62876)
lightdm-kde-greeter is a KDE-themed greeter application for the lightdm display manager. At the beginning of September one of our community packagers asked us to review a D-Bus service contained in lightdm-kde-greeter for addition to openSUSE Tumbleweed.
In the course of the review we found a potential privilege escalation from the lightdm service user to root which is facilitated by this D-Bus service, among some other shortcomings in its implementation.