Showing 1 - 6 of 6

CVE-2018-19788

Status Candidate

Overview

A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.

Red Hat Security Advisory 2019-3232-01: Posted Oct 29, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3232-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Issues addressed include a bypass vulnerability.; tags | advisory, bypass; systems | linux, redhat; advisories | CVE-2018-19788; SHA-256 | 9257b343607816b0b98f99e027b4fe3185a66876aedc5f1ee5ce31a4b6ae9211; Download | Favorite | View

Gentoo Linux Security Advisory 201908-14: Posted Aug 15, 2019; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201908-14 - Multiple vulnerabilities have been found in polkit, the worst of which could result in privilege escalation. Versions less than 0.115-r2 are affected.; tags | advisory, vulnerability; systems | linux, gentoo; advisories | CVE-2018-1116, CVE-2018-19788; SHA-256 | 72057a572ca36c14f97562a44eb2096c759400201674f862cc97946ccd12b61b; Download | Favorite | View

Red Hat Security Advisory 2019-2046-01: Posted Aug 6, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-2046-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Issues addressed include a bypass vulnerability.; tags | advisory, bypass; systems | linux, redhat; advisories | CVE-2018-19788; SHA-256 | 40c92adc181e73760c49845a0b70df6fd16bd9a4d281021b4e21a1484f3e0762; Download | Favorite | View

Ubuntu Security Notice USN-3861-2: Posted Jan 17, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3861-2 - USN-3861-1 fixed a vulnerability in PolicyKit. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PolicyKit incorrectly handled certain large user UIDs. A local attacker with a large UID could possibly use this issue to perform privileged actions. Various other issues were also addressed.; tags | advisory, local; systems | linux, ubuntu; advisories | CVE-2018-19788; SHA-256 | 7bce7059444c2f41710ef023a65160038dfdc426e06bd8b1626464be80942c89; Download | Favorite | View

Ubuntu Security Notice USN-3861-1: Posted Jan 17, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3861-1 - It was discovered that PolicyKit incorrectly handled certain large user UIDs. A local attacker with a large UID could possibly use this issue to perform privileged actions.; tags | advisory, local; systems | linux, ubuntu; advisories | CVE-2018-19788; SHA-256 | 4f39441d0bc48e0fc9c968053d5d56332bbbeef25eb9e24fc56c8e836b7f83fb; Download | Favorite | View

Debian Security Advisory 4350-1: Posted Dec 7, 2018; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4350-1 - It was discovered that incorrect processing of very high UIDs in Policykit, a framework for managing administrative policies and privileges, could result in authentication bypass.; tags | advisory; systems | linux, debian; advisories | CVE-2018-19788; SHA-256 | 4c66302ebf9cfd15b8dd32b77d31e4b78565f776f1eb9f3a42dc3930008b7f0c; Download | Favorite | View

Page 1 of 1 Back 1 Next