AVG-828

Package polkit
Status Fixed
Severity High
Type privilege escalation
Affected 0.115+3+g8638ec5-1
Fixed 0.115+24+g5230646-1
Current 0.115+24+g5230646-1 [extra]
Ticket None
Created Sat Dec 8 22:32:06 2018
Issue Severity Remote Type Description
CVE-2018-19788 High No Privilege escalation
A security issue has been found in polkit <= 0.115, where an unprivileged user with a UID > INT_MAX can successfully execute any systemctl command.
Date Advisory Package Description
08 Jan 2019 ASA-201901-2 polkit privilege escalation
References
https://seclists.org/oss-sec/2018/q4/198