Gentoo Linux Security Advisory 201406-27 - A race condition in polkit could allow a local attacker to gain escalated privileges. Versions less than 3.14.1 are affected.
e25d75df9ade95871973ee8eb13ecdc5976b44c82d22212c6566220987e42d0eMandriva Linux Security Advisory 2013-243 - A race condition was found in the way the PolicyKit pkcheck utility checked process authorization when the process was specified by its process ID via the --process option. A local user could use this flaw to bypass intended PolicyKit authorizations and escalate their privileges.
91ca06b6329364c75747c0f85a55c45bc6033f08b2e6bb7fa73577a3bf412762Red Hat Security Advisory 2013-1270-01 - PolicyKit is a toolkit for defining and handling authorizations. A race condition was found in the way the PolicyKit pkcheck utility checked process authorization when the process was specified by its process ID via the --process option. A local user could use this flaw to bypass intended PolicyKit authorizations and escalate their privileges. Note: Applications that invoke pkcheck with the --process option need to be modified to use the pid,pid-start-time,uid argument for that option, to allow pkcheck to check process authorization correctly.
369462751485ce57a7dc4368daa0729692f200cbd02c367e79046bde85ccbc66Ubuntu Security Notice 1953-1 - It was discovered that polkit didn't allow applications to use the pkcheck tool in a way which prevented a race condition in the UID lookup. A local attacker could use this flaw to possibly escalate privileges.
528785d61b42c1f01b4bfaa52b123f7ee07cc62e133897d8fdc089aa6ad23405
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed