Kwetsbaarheid CVE-2019-6133

In PolicyKit (aka Polkit) 0.115, The "start Time" Protection Mechanism Can Be Bypassed Because Fork() Is Not Atomic, And Therefore Authorization Decisions Are Improperly Cached. This Is Related To Lack Of Uid Checking In Polkitbackend/polkitbackendinteractiveauthority.c.

Algemeen

CVE
CVE-2019-6133
Leverancier(s) betrokken
Omschrijving
In PolicyKit (aka Polkit) 0.115, The "start Time" Protection Mechanism Can Be Bypassed Because Fork() Is Not Atomic, And Therefore Authorization Decisions Are Improperly Cached. This Is Related To Lack Of Uid Checking In Polkitbackend/polkitbackendinteractiveauthority.c.
Publicatie
Vrijdag, 11 Januari 2019
Gewijzigd
Dinsdag, 15 Januari 2019 15:00
Ernst

Referenties

Modificatie geschiedenis

Geef hieronder je email adres op en word op de hoogte gehouden van aanpassingen aan deze CVE