Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 through 15.3, runs with root privileges and hardly does anything to identify the user who calls the function through D-Bus. Anybody can change the grub config, even to append some arguments to make a backdoor or privilege escalation, by calling DoWriteGrubSettings() provided by dde-daemon.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
DDE 权限许可和访问控制问题漏洞
Vulnerability Description
DDE(Deepin Desktop Environment)是一套基于Ubuntu的桌面环境。 DDE 15.0版本至15.3版本中存在安全漏洞。攻击者可通过调用dde-daemon提供的‘DoWriteGrubSettings()’函数利用该漏洞制作后门或获取提升的权限。
CVSS Information
N/A
Vulnerability Type
N/A