CVE-2018-19788 log
Source |
|
Severity | High |
Remote | No |
Type | Privilege escalation |
Description | A security issue has been found in polkit <= 0.115, where an unprivileged user with a UID > INT_MAX can successfully execute any systemctl command. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-829 | lib32-polkit | 0.114-1 | 0.116-1 | High | Fixed | |
AVG-828 | polkit | 0.115+3+g8638ec5-1 | 0.115+24+g5230646-1 | High | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
08 Jan 2019 | ASA-201901-2 | AVG-828 | polkit | High | privilege escalation |
References |
---|
https://seclists.org/oss-sec/2018/q4/198 https://gitlab.freedesktop.org/polkit/polkit/issues/74 https://gitlab.freedesktop.org/polkit/polkit/commit/2cb40c4d5feeaa09325522bd7d97910f1b59e379 |