Debian Bug report logs -
#918985
policykit-1: CVE-2019-6133: temporary auth hijacking via PID reuse and non-atomic fork
Package:
src:policykit-1;
Maintainer for src:policykit-1 is Utopia Maintenance Team <pkg-utopia-maintainers@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, ...
Synopsis
Important: polkit security update
Type/Severity
Security Advisory: Important
Topic
An update for polkit is now available for Red Hat Enterprise Linux 75 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Synopsis
Important: polkit security update
Type/Severity
Security Advisory: Important
Topic
An update for polkit is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, w ...
Synopsis
Important: polkit security update
Type/Severity
Security Advisory: Important
Topic
An update for polkit is now available for Red Hat Enterprise Linux 66 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Synopsis
Important: polkit security update
Type/Severity
Security Advisory: Important
Topic
An update for polkit is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, w ...
Synopsis
Important: polkit security update
Type/Severity
Security Advisory: Important
Topic
An update for polkit is now available for Red Hat Enterprise Linux 74 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
A vulnerability was found in polkit When authentication is performed by a non-root user to perform an administrative task, the authentication is temporarily cached in such a way that a local attacker could impersonate the authorized process, thus gaining access to elevated privileges(CVE-2019-6133) ...
The system could be made to run programs as an administrator ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
PolicyKit could allow unintended access ...
Several security issues were fixed in the Linux kernel ...
The system could be made to run programs as an administrator ...
PolicyKit could allow unintended access ...
A vulnerability was found in polkit When authentication is performed by a non-root user to perform an administrative task, the authentication is temporarily cached in such a way that a local attacker could impersonate the authorized process, thus gaining access to elevated privileges ...
In PolicyKit (aka polkit) 0115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthorityc ...