Privilege Escalation

networkmanager is vulnerable to privilege escalation. An input sanitization flaw was found in the way the ifcfg-rh NetworkManager plug-in escaped network connection names containing special characters. If PolicyKit was configured to allow local, unprivileged users to create and save new network connections, they could create a connection with a specially-crafted name, leading to the escalation of their privileges. Note: By default, PolicyKit prevents unprivileged users from creating and saving network connections.