It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
{ "availability": "No subscription required", "ubuntu_priority": "high", "binaries": [ { "binary_version": "0.105-26ubuntu1.1", "binary_name": "gir1.2-polkit-1.0" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "libpolkit-agent-1-0" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "libpolkit-agent-1-0-dbgsym" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "libpolkit-agent-1-dev" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "libpolkit-gobject-1-0" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "libpolkit-gobject-1-0-dbgsym" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "libpolkit-gobject-1-dev" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "policykit-1" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "policykit-1-dbgsym" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "policykit-1-doc" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "high", "binaries": [ { "binary_version": "0.105-31", "binary_name": "gir1.2-polkit-1.0" }, { "binary_version": "0.105-31", "binary_name": "libpolkit-agent-1-0" }, { "binary_version": "0.105-31", "binary_name": "libpolkit-agent-1-0-dbgsym" }, { "binary_version": "0.105-31", "binary_name": "libpolkit-agent-1-dev" }, { "binary_version": "0.105-31", "binary_name": "libpolkit-gobject-1-0" }, { "binary_version": "0.105-31", "binary_name": "libpolkit-gobject-1-0-dbgsym" }, { "binary_version": "0.105-31", "binary_name": "libpolkit-gobject-1-dev" }, { "binary_version": "0.105-31", "binary_name": "policykit-1" }, { "binary_version": "0.105-31", "binary_name": "policykit-1-dbgsym" }, { "binary_version": "0.105-31", "binary_name": "policykit-1-doc" } ] }