CVE-2019-6133
MEDIUMpolkit 0.115 - Race Condition via Fork-Based Authorization Bypass
Title source: llmDescription
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
References (25)
Core 25
Core References
Patch, Third Party Advisory x_refsource_misc
https://gitlab.freedesktop.org/polkit/polkit/commit/c898fdf4b1aafaa04f8ada9d73d77c8bb76e2f81
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3903-2/
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:0230
Patch, Third Party Advisory x_refsource_misc
https://git.kernel.org/linus/7b55851367136b1efd84d98fea81ba57a98304cf
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2019/01/msg00021.html
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3910-1/
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3901-2/
Patch, Third Party Advisory x_refsource_misc
https://gitlab.freedesktop.org/polkit/polkit/merge_requests/19
Issue Tracking, Mailing List, Third Party Advisory x_refsource_misc
https://bugs.chromium.org/p/project-zero/issues/detail?id=1692
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3910-2/
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:0420
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3908-2/
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3901-1/
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3903-1/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106537
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3908-1/
Third Party Advisory x_refsource_confirm
https://support.f5.com/csp/article/K22715344
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3934-1/
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:0832
Mailing List mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html
Mailing List mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00049.html
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3934-2/
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:2699
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:2978
Scores
CVSS v3
6.7
EPSS
0.0003
EPSS Percentile
7.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-362
Status
published
Products (17)
canonical/ubuntu_linux
12.04
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
16.04
canonical/ubuntu_linux
18.04
canonical/ubuntu_linux
18.10
debian/debian_linux
8.0
polkit_project/polkit
0.115
redhat/enterprise_linux_desktop
7.0
redhat/enterprise_linux_desktop
6.0
redhat/enterprise_linux_server
7.0
... and 7 more
Published
Jan 11, 2019
Tracked Since
Feb 18, 2026