Lucene search
MitreCVELIST:CVE-2017-7572HistoryOct 03, 2022 - 4:23 p.m.
CVE-2017-7572
2022-10-0316:23:01
mitre
www.cve.org
The _checkPolkitPrivilege function in serviceHelper.py in Back In Time (aka backintime) 1.1.18 and earlier uses a deprecated polkit authorization method (unix-process) that is subject to a race condition (time of check, time of use). With this authorization method, the owner of a process requesting a polkit operation is checked by polkitd via /proc/<pid>/status, by which time the requesting process may have been replaced by a different process with the same PID that has different privileges then the original requester.
Related
nessus
nessus
Fedora 26 : backintime (2017-36eb9502b0)
2017-07-17 00:00:00
Fedora 24 : backintime (2017-7c9a9b2b36)
2017-04-24 00:00:00
Fedora 25 : backintime (2017-8dce7a3940)
2017-04-24 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: backintime-1.1.20-1.fc25
2017-04-22 09:24:23
[SECURITY] Fedora 24 Update: backintime-1.1.20-1.fc24
2017-04-22 08:20:47
[SECURITY] Fedora 26 Update: backintime-1.1.20-1.fc26
2017-04-17 15:55:55
ubuntucve
ubuntucve
CVE-2017-7572
2017-04-06 00:00:00
osv
osv
CVE-2017-7572
2017-04-06 18:59:00
openvas
openvas
Fedora Update for backintime FEDORA-2017-7c9a9b2b36
2017-04-23 00:00:00
Fedora Update for backintime FEDORA-2017-8dce7a3940
2017-04-23 00:00:00
cve
cve
CVE-2017-7572
2022-10-03 16:23:01
nvd
nvd
CVE-2017-7572
2017-04-06 18:59:00
debiancve
debiancve
CVE-2017-7572
2022-10-03 16:23:01
prion
prion
Race condition
2017-04-06 18:59:00