[USN-3934-2] PolicyKit vulnerability
Severity
Medium
Affected Packages
9
CVEs
1
PolicyKit could allow unintended access.
USN-3934-1 fixed a vulnerability in Policykit. This update provides
the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
It was discovered that PolicyKit incorrectly relied on the fork() system
call in the Linux kernel being atomic. A local attacker could possibly use
this issue to gain access to services that have cached authorizations.
| Package | Affected Version |
|---|---|
 pkg:deb/ubuntu/policykit-1?distro=precise
|
< 0.104-1ubuntu1.5 |
|
pkg:deb/ubuntu/policykit-1-doc?distro=precise
|
< 0.104-1ubuntu1.5 |
|
pkg:deb/ubuntu/libpolkit-gobject-1-dev?distro=precise
|
< 0.104-1ubuntu1.5 |
|
pkg:deb/ubuntu/libpolkit-gobject-1-0?distro=precise
|
< 0.104-1ubuntu1.5 |
|
pkg:deb/ubuntu/libpolkit-backend-1-dev?distro=precise
|
< 0.104-1ubuntu1.5 |
|
pkg:deb/ubuntu/libpolkit-backend-1-0?distro=precise
|
< 0.104-1ubuntu1.5 |
|
pkg:deb/ubuntu/libpolkit-agent-1-dev?distro=precise
|
< 0.104-1ubuntu1.5 |
|
pkg:deb/ubuntu/libpolkit-agent-1-0?distro=precise
|
< 0.104-1ubuntu1.5 |
|
pkg:deb/ubuntu/gir1.2-polkit-1.0?distro=precise
|
< 0.104-1ubuntu1.5 |
- ID
- USN-3934-2
- Severity
- medium
- Severity from
- CVE-2019-6133
- URL
- https://ubuntu.com/security/notices/USN-3934-2
- Published
-
2019-09-02T13:23:46
(5 years ago) - Modified
-
2019-09-02T13:23:46
(5 years ago) - Other Advisories
-
-
ALAS2-2019-1171
-
ALPINE:CVE-2019-6133
-
ELSA-2019-0230
-
ELSA-2019-0420
-
ELSA-2019-4708
-
ELSA-2019-4710
-
openSUSE-SU-2019:1914-1
-
RHSA-2019:0230
-
RHSA-2019:0420
-
SUSE-SU-2019:2018-1
-
SUSE-SU-2019:2035-1
-
SUSE-SU-2019:2035-2
-
SUSE-SU-2020:3503-1
-
SUSE-SU-2021:0437-1
-
USN-3901-1
-
USN-3901-2
-
USN-3903-1
-
USN-3903-2
-
USN-3908-1
-
USN-3908-2
-
USN-3910-1
-
USN-3910-2
-
USN-3934-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/policykit-1?distro=precise | ubuntu |
policykit-1
|
< 0.104-1ubuntu1.5 | precise | ||
| Affected | pkg:deb/ubuntu/policykit-1-doc?distro=precise | ubuntu |
policykit-1-doc
|
< 0.104-1ubuntu1.5 | precise | ||
| Affected | pkg:deb/ubuntu/libpolkit-gobject-1-dev?distro=precise | ubuntu |
libpolkit-gobject-1-dev
|
< 0.104-1ubuntu1.5 | precise | ||
| Affected | pkg:deb/ubuntu/libpolkit-gobject-1-0?distro=precise | ubuntu |
libpolkit-gobject-1-0
|
< 0.104-1ubuntu1.5 | precise | ||
| Affected | pkg:deb/ubuntu/libpolkit-backend-1-dev?distro=precise | ubuntu |
libpolkit-backend-1-dev
|
< 0.104-1ubuntu1.5 | precise | ||
| Affected | pkg:deb/ubuntu/libpolkit-backend-1-0?distro=precise | ubuntu |
libpolkit-backend-1-0
|
< 0.104-1ubuntu1.5 | precise | ||
| Affected | pkg:deb/ubuntu/libpolkit-agent-1-dev?distro=precise | ubuntu |
libpolkit-agent-1-dev
|
< 0.104-1ubuntu1.5 | precise | ||
| Affected | pkg:deb/ubuntu/libpolkit-agent-1-0?distro=precise | ubuntu |
libpolkit-agent-1-0
|
< 0.104-1ubuntu1.5 | precise | ||
| Affected | pkg:deb/ubuntu/gir1.2-polkit-1.0?distro=precise | ubuntu |
gir1.2-polkit-1.0
|
< 0.104-1ubuntu1.5 | precise |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |