The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) prior to 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
polkit project polkit |