The bug was discovered by Dominik “zer0pwn” Penner and impacts the KDE Frameworks package 5.60.0 and below.
The KDE Frameworks software library is at the base of the KDE desktop environment v4 and v5 (Plasma), currently included with several Linux distributions such as Kubuntu, openSUSE, OpenMandriva, Chakra, KaOS, and others.
How the vulnerability works
The vulnerability occurs because of the way the KDesktopFile class (part of KDE Frameworks) handles .desktop or .directory files.
Penner discovered that he could create malicious .desktop and .directory files that could be used to run malicious code on a user’s computer.
When a user opens the KDE file viewer to access the directory where these files are stored, the malicious code contained within the .desktop or .directory files executes without user interaction — such as running the file.
Browsing to a folder via Dolphin (the KDE GUI file manager) which contains a malicious .desktop file is enough to get code executionAlex Murray, Tech Lead for the Ubuntu Security team, told to ZDNet