Ubuntu Linux USBCreator D-Bus Service KVMTest Privilege Escalation Exploit

The KVMTest method in the com.ubuntu.USBCreator D-Bus service in Ubuntu Linux can invoke the kvm binary with root privileges using an arbitrary environment provided by an unprivileged user. This flaw can be leveraged by a local unprivileged attacker to gain root privileges.
Exploit type: 
Platform: 
Vulnerabilty ID: 
NOCVE-9999-71867
Product Version: 
2014_R2
Released Date: 
Thursday, May 7, 2015 - 00:00