Lucene search

K
prionPRIOn knowledge basePRION:CVE-2019-6133
HistoryJan 11, 2019 - 2:29 p.m.

Authorization

2019-01-1114:29:00
PRIOn knowledge base
www.prio-n.com
8

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

33.0%

In PolicyKit (aka polkit) 0.115, the β€œstart time” protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.

References