CVE-2021-3560 log

Severity Medium
Remote No
Type Privilege escalation
A security issue was found in polkit before version 0.119. When a requesting process disconnects from dbus-daemon just before the call to polkit_system_bus_name_get_creds_sync starts, the process cannot get a unique uid and pid of the process and it cannot verify the privileges of the requesting process.
Group Package Affected Fixed Severity Status Ticket
AVG-2028 polkit 0.118-1 0.119-1 Medium Fixed
Date Advisory Group Package Severity Type
09 Jun 2021 ASA-202106-24 AVG-2028 polkit Medium privilege escalation