ALT-PU-2021-4594-1

Severity:

Closed issues (6)

BDU:2019-00885

HIGH8.8

Уязвимость программной платформы для управления административными политиками и привилегиями Policykit, связанная с ошибками при обработке больших значений идентификаторов пользователей, позволяющая нарушителю обойти процедуру аутентификации

Published: 2019-03-06Modified: 2021-03-23

CVSS 3.xHIGH 8.8

CVSS:3.x/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0CRITICAL 9.0

CVSS:2.0/AV:N/AC:L/Au:S/C:C/I:C/A:C

References

CVE-2018-19788

BDU:2019-01338

MEDIUM6.7

Уязвимость библиотеки Polkit операционных систем Linux, позволяющая нарушителю выполнить произвольные команды

Published: 2019-04-12Modified: 2024-06-18

CVSS 3.xMEDIUM 6.7

CVSS:3.x/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CVSS 2.0MEDIUM 6.6

CVSS:2.0/AV:L/AC:M/Au:S/C:C/I:C/A:C

References

CVE-2019-6133

BDU:2021-03207

HIGH7.8

Уязвимость функции polkit_system_bus_name_get_creds_sync() демона dbus-daemon библиотеки Polkit, позволяющая нарушителю повысить свои привилегии

Published: 2021-06-23Modified: 2026-03-13

CVSS 3.xHIGH 7.8

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2021-3560

CVE-2018-19788

HIGH8.8

A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.

Published: 2018-12-03Modified: 2024-11-21

CVSS 2.0CRITICAL 9.0

CVSS:2.0/AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS 3.xHIGH 8.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

CVE-2019-6133

MEDIUM6.7

In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.

Published: 2019-01-11Modified: 2024-11-21

CVSS 2.0MEDIUM 4.4

CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS 3.xMEDIUM 6.7

CVSS:3.x/CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

References

CVE-2021-3560

HIGH7.8

It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Published: 2022-02-16Modified: 2025-11-06

CVSS 2.0HIGH 7.2

CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 3.xHIGH 7.8

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

Closed bugs (1)

Bug #39420

Package update polkit in branch sisyphus_riscv64

Closed issues (6)

Уязвимость библиотеки Polkit операционных систем Linux, позволяющая нарушителю выполнить произвольные команды

Уязвимость функции polkit_system_bus_name_get_creds_sync() демона dbus-daemon библиотеки Polkit, позволяющая нарушителю повысить свои привилегии

A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.

In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.

Closed bugs (1)

Polkit не проверяет список групп пользователя, назначенныx через NSS.