17 matches found
EUVD-2019-15700
Malware in sbrugna...
RHEL 8 : polkit (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - polkit: Improper handling of user with uid INTMAX leading to authentication bypass CVE-2018-19788 - In...
K22715344: PolicyKit vulnerability CVE-2019-6133
Security Advisory Description In PolicyKit aka polkit 0.115, the "start time" protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c...
EulerOS Virtualization 2.10.0 : util-linux (EulerOS-SA-2022-2041)
According to the versions of the util-linux package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an...
ROS-20220128-03
A vulnerability in the standard util-linux command line utility package is related to incorrect parsing of the /proc/self/mountinfo file in libmount. parsing of the /proc/self/mountinfo file in libmount. Exploitation of the vulnerability could allow an attacker to, unmount other users' filesystem...
OPENSUSE-SU-2019:1914-1 Security update for polkit
This update for polkit fixes the following issues: Security issue fixed: - CVE-2019-6133: Fixed improper caching of auth decisions, which could bypass uid checking in the interactive backend bsc1121826. This update was imported from the SUSE:SLE-15:Update update project...
SUSE SLED15 / SLES15 Security Update : polkit (SUSE-SU-2019:2018-1)
This update for polkit fixes the following issues : Security issue fixed : CVE-2019-6133: Fixed improper caching of auth decisions, which could bypass uid checking in the interactive backend bsc1121826. Note that Tenable Network Security has extracted the preceding description block directly from...
SUSE-SU-2019:2035-2 Security update for polkit
This update for polkit fixes the following issues: Security issue fixed: - CVE-2019-6133: Fixed improper caching of auth decisions, which could bypass uid checking in the interactive backend bsc1121826...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4710)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4710 advisory. - fork: record starttime late David Herrmann Orabug: 29850581 CVE-2019-6133 - x86/retpoline/ia32entry: Convert to non-speculative calls Ankur Arora...
CVE-2019-6133
In PolicyKit aka polkit 0.115, the "start time" protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c...
Authorization
In PolicyKit aka polkit 0.115, the "start time" protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c...
CVE-2019-6133
In PolicyKit aka polkit 0.115, the "start time" protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c...
CVE-2019-6133
CVE-2019-6133 affects PolicyKit (polkit). A local attacker could bypass authentication by exploiting a race during fork() where authorization decisions were cached and not atomically tied to the correct process, due to missing UID checks in polkitbackendinteractiveauthority.c. The issue has been ...
CVE-2019-6133
In PolicyKit aka polkit 0.115, the "start time" protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c...
CVE-2019-6133
In PolicyKit aka polkit 0.115, the "start time" protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c...
CVE-2019-6133
In PolicyKit aka polkit 0.115, the "start time" protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c...
CVE-2019-6133
In PolicyKit aka polkit 0.115, the "start time" protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c...