systemd vulnerability

2019-04-08T00:00:00
ID USN-3938-1
Type ubuntu
Reporter Ubuntu
Modified 2019-04-08T00:00:00

Description

Jann Horn discovered that pam_systemd created logind sessions using some parameters from the environment. A local attacker could exploit this in order to spoof the active session and gain additional PolicyKit privileges.