VYPR
Unrated severityNVD Advisory· Published Oct 3, 2013· Updated Jun 16, 2026

CVE-2013-4288

CVE-2013-4288

Description

Race condition in PolicyKit (aka polkit) allows local users to bypass intended PolicyKit restrictions and gain privileges by starting a setuid or pkexec process before the authorization check is performed, related to (1) the polkit_unix_process_new API function, (2) the dbus API, or (3) the --process (unix-process) option for authorization to pkcheck.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.