CVE-2018-19788

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-19788

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19788.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-19788

Downstream

ALPINE-CVE-2018-19788

DEBIAN-CVE-2018-19788

DLA-1644-1

DSA-4350-1

RHSA-2019:2046

RHSA-2019:3232

SUSE-SU-2019:0015-1

SUSE-SU-2019:0019-1

SUSE-SU-2019:0019-2

UBUNTU-CVE-2018-19788

USN-3861-1

openSUSE-SU-2019:0010-1

openSUSE-SU-2024:11180-1

Related

Published

2018-12-03T06:29:00Z

Modified

2025-10-14T16:26:38.553216Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.

References

Affected packages

Git / gitlab.freedesktop.org/polkit/polkit

Affected ranges

Type: GIT
Repo: https://gitlab.freedesktop.org/polkit/polkit
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

b0a5d0f1a5b835819da630a6d27ed89dd4d7f464

Affected versions

0.*

0.100

0.101

0.102

0.103

0.104

0.105

0.106

0.107

0.108

0.109

0.110

0.111

0.112

0.113

0.114

0.115

0.91

0.92

0.93

0.94

0.95

0.96

0.97

0.98

0.99

Other

POLICY_KIT_0_3

POLICY_KIT_0_4

POLICY_KIT_0_5

POLICY_KIT_0_6

POLICY_KIT_0_7

POLICY_KIT_0_8

POLICY_KIT_0_9

start