SB2019081524 - Gentoo update for polkit
Published: August 15, 2019 Updated: August 25, 2019
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Improper authorization (CVE-ID: CVE-2018-1116)
The vulnerability allows a local attacker to obtain potentially sensitive information or cause DoS condition on the target system.
The vulnerability exists due to improper implementation of the polkit_backend_interactive_authority_check_authorization function in the polkitd daemon. A local attacker can test for authentication and trigger authentication of unrelated processes owned by other users to access sensitive information or cause the service to crash.
2) Command injection (CVE-ID: CVE-2018-19788)
The vulnerability allows a local authenticated attacker to execute arbitrary commands on the target system.
The vulnerability exists due to PolicyKit's improper validation of permission requests for any low-privileged user with UID greater than INT_MAX, a constant in computer programming that defines what maximum value an integer variable can store, which equals to 2147483647 (in hexadecimal 0x7FFFFFFF). A local authenticated attacker with a uid greater than INT_MAX can execute any systemctl command.
Remediation
Install update from vendor's website.