CVE-2018-19788 log
| Source |
|
| Severity | High |
| Remote | No |
| Type | Privilege escalation |
| Description | A security issue has been found in polkit <= 0.115, where an unprivileged user with a UID > INT_MAX can successfully execute any systemctl command. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-829 | lib32-polkit | 0.114-1 | 0.116-1 | High | Fixed | |
| AVG-828 | polkit | 0.115+3+g8638ec5-1 | 0.115+24+g5230646-1 | High | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 08 Jan 2019 | ASA-201901-2 | AVG-828 | polkit | High | privilege escalation |
| References |
|---|
https://seclists.org/oss-sec/2018/q4/198 https://gitlab.freedesktop.org/polkit/polkit/issues/74 https://gitlab.freedesktop.org/polkit/polkit/commit/2cb40c4d5feeaa09325522bd7d97910f1b59e379 |