[USN-3934-2] PolicyKit vulnerability
Severity
Medium
Affected Packages
9
CVEs
1
PolicyKit could allow unintended access.
USN-3934-1 fixed a vulnerability in Policykit. This update provides
the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
It was discovered that PolicyKit incorrectly relied on the fork() system
call in the Linux kernel being atomic. A local attacker could possibly use
this issue to gain access to services that have cached authorizations.
Package | Affected Version |
---|---|
pkg:deb/ubuntu/policykit-1?distro=precise | < 0.104-1ubuntu1.5 |
pkg:deb/ubuntu/policykit-1-doc?distro=precise | < 0.104-1ubuntu1.5 |
pkg:deb/ubuntu/libpolkit-gobject-1-dev?distro=precise | < 0.104-1ubuntu1.5 |
pkg:deb/ubuntu/libpolkit-gobject-1-0?distro=precise | < 0.104-1ubuntu1.5 |
pkg:deb/ubuntu/libpolkit-backend-1-dev?distro=precise | < 0.104-1ubuntu1.5 |
pkg:deb/ubuntu/libpolkit-backend-1-0?distro=precise | < 0.104-1ubuntu1.5 |
pkg:deb/ubuntu/libpolkit-agent-1-dev?distro=precise | < 0.104-1ubuntu1.5 |
pkg:deb/ubuntu/libpolkit-agent-1-0?distro=precise | < 0.104-1ubuntu1.5 |
pkg:deb/ubuntu/gir1.2-polkit-1.0?distro=precise | < 0.104-1ubuntu1.5 |
- ID
- USN-3934-2
- Severity
- medium
- Severity from
- CVE-2019-6133
- URL
- https://ubuntu.com/security/notices/USN-3934-2
- Published
-
2019-09-02T13:23:46
(5 years ago) - Modified
-
2019-09-02T13:23:46
(5 years ago) - Other Advisories
-
- ALAS2-2019-1171
- ALPINE:CVE-2019-6133
- ELSA-2019-0230
- ELSA-2019-0420
- ELSA-2019-4708
- ELSA-2019-4710
- openSUSE-SU-2019:1914-1
- RHSA-2019:0230
- RHSA-2019:0420
- SUSE-SU-2019:2018-1
- SUSE-SU-2019:2035-1
- SUSE-SU-2019:2035-2
- SUSE-SU-2020:3503-1
- SUSE-SU-2021:0437-1
- USN-3901-1
- USN-3901-2
- USN-3903-1
- USN-3903-2
- USN-3908-1
- USN-3908-2
- USN-3910-1
- USN-3910-2
- USN-3934-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/policykit-1?distro=precise | ubuntu | policykit-1 | < 0.104-1ubuntu1.5 | precise | ||
Affected | pkg:deb/ubuntu/policykit-1-doc?distro=precise | ubuntu | policykit-1-doc | < 0.104-1ubuntu1.5 | precise | ||
Affected | pkg:deb/ubuntu/libpolkit-gobject-1-dev?distro=precise | ubuntu | libpolkit-gobject-1-dev | < 0.104-1ubuntu1.5 | precise | ||
Affected | pkg:deb/ubuntu/libpolkit-gobject-1-0?distro=precise | ubuntu | libpolkit-gobject-1-0 | < 0.104-1ubuntu1.5 | precise | ||
Affected | pkg:deb/ubuntu/libpolkit-backend-1-dev?distro=precise | ubuntu | libpolkit-backend-1-dev | < 0.104-1ubuntu1.5 | precise | ||
Affected | pkg:deb/ubuntu/libpolkit-backend-1-0?distro=precise | ubuntu | libpolkit-backend-1-0 | < 0.104-1ubuntu1.5 | precise | ||
Affected | pkg:deb/ubuntu/libpolkit-agent-1-dev?distro=precise | ubuntu | libpolkit-agent-1-dev | < 0.104-1ubuntu1.5 | precise | ||
Affected | pkg:deb/ubuntu/libpolkit-agent-1-0?distro=precise | ubuntu | libpolkit-agent-1-0 | < 0.104-1ubuntu1.5 | precise | ||
Affected | pkg:deb/ubuntu/gir1.2-polkit-1.0?distro=precise | ubuntu | gir1.2-polkit-1.0 | < 0.104-1ubuntu1.5 | precise |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |