Security restrictions bypass in PolicyKit - CVE-2019-6133
Published: January 11, 2019 / Updated: January 14, 2019
Vulnerability identifier: #VU16966
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2019-6133
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Freedesktop.org
Affected software:
PolicyKit
PolicyKit
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The vulnerability exists due to fork() is not atomic, and therefore authorization decisions are improperly cached, related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c. A remote unauthenticated attacker can bypass the "start time" protection mechanism
How to mitigate CVE-2019-6133
Cybersecurity Help is currently unaware of any official solution to address the vulnerability.