Kevin Backhouse discovered that polkit incorrectly handled errors in the polkitsystembusnamegetcredssync function. A local attacker could possibly use this issue to escalate privileges.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "0.105-26ubuntu1.1", "binary_name": "gir1.2-polkit-1.0" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "libpolkit-agent-1-0" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "libpolkit-agent-1-0-dbgsym" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "libpolkit-agent-1-dev" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "libpolkit-gobject-1-0" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "libpolkit-gobject-1-0-dbgsym" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "libpolkit-gobject-1-dev" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "policykit-1" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "policykit-1-dbgsym" }, { "binary_version": "0.105-26ubuntu1.1", "binary_name": "policykit-1-doc" } ] }