A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and information disclosure.
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Debian_linux | Debian | 8.0 (including) | 8.0 (including) |
Red Hat Enterprise Linux 7 | RedHat | polkit-0:0.112-26.el7 | * |
Policykit-1 | Ubuntu | artful | * |
Policykit-1 | Ubuntu | bionic | * |
Policykit-1 | Ubuntu | trusty | * |
Policykit-1 | Ubuntu | upstream | * |
Policykit-1 | Ubuntu | xenial | * |
Assuming a user with a given identity, authorization is the process of determining whether that user can access a given resource, based on the user’s privileges and any permissions or other access-control specifications that apply to the resource. When access control checks are not applied consistently - or not at all - users are able to access data or perform actions that they should not be allowed to perform. This can lead to a wide range of problems, including information exposures, denial of service, and arbitrary code execution.