CVE-2018-19788

Опубликовано: 03 дек. 2018

Источник: redhat

CVSS3: 7

Описание

A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.

Отчет

This issue affects the versions of polkit as shipped with Red Hat Enterprise Linux 6 and 7. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/. This issue affects the versions of polkit as shipped with Red Hat Virtualization 4. System users beyond those created at installation time are typically not used in Red Hat Virtualization Hypervisor or Management Appliance hosts, nor is there any opportunity to accidentally or maliciously create a user with a dangerous uid/gid on these systems under normal operation. For Red Hat Virtualization, this vulnerability has been rated as having a security impact of Low. Future updates may address this issue.

Меры по смягчению последствий

Do not allow negative UIDs or UIDs greater than 2147483647.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	polkit	Will not fix
Red Hat Enterprise Linux 8	polkit	Not affected
Red Hat Virtualization 4	redhat-virtualization-host	Will not fix
Red Hat Virtualization 4	rhvm-appliance	Will not fix
Red Hat Enterprise Linux 7	polkit	Fixed	RHSA-2019:2046	06.08.2019
Red Hat Enterprise Linux 7.6 Extended Update Support	polkit	Fixed	RHSA-2019:3232	29.10.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-287

https://bugzilla.redhat.com/show_bug.cgi?id=1655925polkit: Improper handling of user with uid > INT_MAX leading to authentication bypass

7 High

CVSS3

Связанные уязвимости

CVE-2018-19788

CVSS3: 8.8

ubuntu

около 7 лет назад

A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.

CVE-2018-19788

CVSS3: 8.8

nvd

около 7 лет назад

A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.

CVE-2018-19788

CVSS3: 8.8

debian

около 7 лет назад

A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user wi ...

openSUSE-SU-2019:0010-1

suse-cvrf

почти 7 лет назад

Security update for polkit

openSUSE-SU-2018:4282-1

suse-cvrf

около 7 лет назад

Security update for polkit

7 High

CVSS3