Описание
A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and information disclosure.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 0.105-18ubuntu0.1 |
| bionic | released | 0.105-20ubuntu0.18.04.1 |
| devel | not-affected | 0.105-21 |
| esm-infra-legacy/trusty | released | 0.105-4ubuntu3.14.04.2 |
| esm-infra/bionic | released | 0.105-20ubuntu0.18.04.1 |
| esm-infra/xenial | released | 0.105-14.1ubuntu0.1 |
| precise/esm | not-affected | 0.104-1ubuntu1.2 |
| trusty | released | 0.105-4ubuntu3.14.04.2 |
| trusty/esm | released | 0.105-4ubuntu3.14.04.2 |
| upstream | released | 0.105-21 |
Показывать по
3.6 Low
CVSS2
4.4 Medium
CVSS3
Связанные уязвимости
A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and information disclosure.
A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and information disclosure.
A flaw was found in polkit before version 0.116. The implementation of ...
3.6 Low
CVSS2
4.4 Medium
CVSS3