Unrated severity · NVD Advisory · Published Jan 11, 2019 · Updated Aug 4, 2024
CVE-2019-6133
Description
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
Affected products
- Range: = 0.115
- osv-coords, 68 versions (no CPE for any entry); each line gives the package, the distro and the affected range:
  - pkg:rpm/opensuse/polkit, openSUSE Leap 15.0: < 0.114-lp151.5.3.1
  - pkg:rpm/opensuse/polkit, openSUSE Leap 15.1: < 0.114-lp151.5.3.1
  - pkg:rpm/opensuse/polkit, openSUSE Tumbleweed: < 0.118-7.2
  - pkg:rpm/suse/kernel-default, HPE Helion OpenStack 8: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-default, SUSE Enterprise Storage 5: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-default, SUSE Linux Enterprise High Availability Extension 12 SP2: < 4.4.121-92.149.1
  - pkg:rpm/suse/kernel-default, SUSE Linux Enterprise High Availability Extension 12 SP3: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-default, SUSE Linux Enterprise Server 12 SP2-BCL: < 4.4.121-92.149.1
  - pkg:rpm/suse/kernel-default, SUSE Linux Enterprise Server 12 SP2-LTSS: < 4.4.121-92.149.1
  - pkg:rpm/suse/kernel-default, SUSE Linux Enterprise Server 12 SP3-BCL: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-default, SUSE Linux Enterprise Server 12 SP3-LTSS: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-default, SUSE Linux Enterprise Server for SAP Applications 12 SP2: < 4.4.121-92.149.1
  - pkg:rpm/suse/kernel-default, SUSE Linux Enterprise Server for SAP Applications 12 SP3: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-default, SUSE OpenStack Cloud 7: < 4.4.121-92.149.1
  - pkg:rpm/suse/kernel-default, SUSE OpenStack Cloud 8: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-default, SUSE OpenStack Cloud Crowbar 8: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-source, HPE Helion OpenStack 8: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-source, SUSE Enterprise Storage 5: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-source, SUSE Linux Enterprise Server 12 SP2-BCL: < 4.4.121-92.149.1
  - pkg:rpm/suse/kernel-source, SUSE Linux Enterprise Server 12 SP2-LTSS: < 4.4.121-92.149.1
  - pkg:rpm/suse/kernel-source, SUSE Linux Enterprise Server 12 SP3-BCL: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-source, SUSE Linux Enterprise Server 12 SP3-LTSS: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-source, SUSE Linux Enterprise Server for SAP Applications 12 SP2: < 4.4.121-92.149.1
  - pkg:rpm/suse/kernel-source, SUSE Linux Enterprise Server for SAP Applications 12 SP3: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-source, SUSE OpenStack Cloud 7: < 4.4.121-92.149.1
  - pkg:rpm/suse/kernel-source, SUSE OpenStack Cloud 8: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-source, SUSE OpenStack Cloud Crowbar 8: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-syms, HPE Helion OpenStack 8: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-syms, SUSE Enterprise Storage 5: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-syms, SUSE Linux Enterprise Server 12 SP2-BCL: < 4.4.121-92.149.1
  - pkg:rpm/suse/kernel-syms, SUSE Linux Enterprise Server 12 SP2-LTSS: < 4.4.121-92.149.1
  - pkg:rpm/suse/kernel-syms, SUSE Linux Enterprise Server 12 SP3-BCL: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-syms, SUSE Linux Enterprise Server 12 SP3-LTSS: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-syms, SUSE Linux Enterprise Server for SAP Applications 12 SP2: < 4.4.121-92.149.1
  - pkg:rpm/suse/kernel-syms, SUSE Linux Enterprise Server for SAP Applications 12 SP3: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-syms, SUSE OpenStack Cloud 7: < 4.4.121-92.149.1
  - pkg:rpm/suse/kernel-syms, SUSE OpenStack Cloud 8: < 4.4.180-94.135.1
  - pkg:rpm/suse/kernel-syms, SUSE OpenStack Cloud Crowbar 8: < 4.4.180-94.135.1
  - pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_39, SUSE Linux Enterprise Server 12 SP2-LTSS: < 1-3.3.1
  - pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_39, SUSE Linux Enterprise Server for SAP Applications 12 SP2: < 1-3.3.1
  - pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_39, SUSE OpenStack Cloud 7: < 1-3.3.1
  - pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_36, HPE Helion OpenStack 8: < 1-4.5.1
  - pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_36, SUSE Enterprise Storage 5: < 1-4.5.1
  - pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_36, SUSE Linux Enterprise Server 12 SP3-LTSS: < 1-4.5.1
  - pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_36, SUSE Linux Enterprise Server for SAP Applications 12 SP3: < 1-4.5.1
  - pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_36, SUSE OpenStack Cloud 8: < 1-4.5.1
  - pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_36, SUSE OpenStack Cloud Crowbar 8: < 1-4.5.1
  - pkg:rpm/suse/polkit, HPE Helion OpenStack 8: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE Enterprise Storage 4: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE Enterprise Storage 5: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE Linux Enterprise Desktop 12 SP4: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE Linux Enterprise Module for Basesystem 15: < 0.114-3.9.1
  - pkg:rpm/suse/polkit, SUSE Linux Enterprise Module for Basesystem 15 SP1: < 0.114-3.9.1
  - pkg:rpm/suse/polkit, SUSE Linux Enterprise Server 12 SP1-LTSS: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE Linux Enterprise Server 12 SP2-BCL: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE Linux Enterprise Server 12 SP2-LTSS: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE Linux Enterprise Server 12 SP3-BCL: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE Linux Enterprise Server 12 SP3-LTSS: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE Linux Enterprise Server 12 SP4: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE Linux Enterprise Server for SAP Applications 12 SP1: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE Linux Enterprise Server for SAP Applications 12 SP2: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE Linux Enterprise Server for SAP Applications 12 SP3: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE Linux Enterprise Server for SAP Applications 12 SP4: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE Linux Enterprise Software Development Kit 12 SP4: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE Linux Enterprise Workstation Extension 12 SP4: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE OpenStack Cloud 7: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE OpenStack Cloud 8: < 0.113-5.18.1
  - pkg:rpm/suse/polkit, SUSE OpenStack Cloud Crowbar 8: < 0.113-5.18.1
Patches
No patches discovered yet.
References
- lists.opensuse.org/opensuse-security-announce/2019-08/msg00049.html (mitre; vendor-advisory; x_refsource_SUSE)
- access.redhat.com/errata/RHSA-2019:0230 (mitre; vendor-advisory; x_refsource_REDHAT)
- access.redhat.com/errata/RHSA-2019:0420 (mitre; vendor-advisory; x_refsource_REDHAT)
- access.redhat.com/errata/RHSA-2019:0832 (mitre; vendor-advisory; x_refsource_REDHAT)
- access.redhat.com/errata/RHSA-2019:2699 (mitre; vendor-advisory; x_refsource_REDHAT)
- access.redhat.com/errata/RHSA-2019:2978 (mitre; vendor-advisory; x_refsource_REDHAT)
- usn.ubuntu.com/3901-1/ (mitre; vendor-advisory; x_refsource_UBUNTU)
- usn.ubuntu.com/3901-2/ (mitre; vendor-advisory; x_refsource_UBUNTU)
- usn.ubuntu.com/3903-1/ (mitre; vendor-advisory; x_refsource_UBUNTU)
- usn.ubuntu.com/3903-2/ (mitre; vendor-advisory; x_refsource_UBUNTU)
- usn.ubuntu.com/3908-1/ (mitre; vendor-advisory; x_refsource_UBUNTU)
- usn.ubuntu.com/3908-2/ (mitre; vendor-advisory; x_refsource_UBUNTU)
- usn.ubuntu.com/3910-1/ (mitre; vendor-advisory; x_refsource_UBUNTU)
- usn.ubuntu.com/3910-2/ (mitre; vendor-advisory; x_refsource_UBUNTU)
- usn.ubuntu.com/3934-1/ (mitre; vendor-advisory; x_refsource_UBUNTU)
- usn.ubuntu.com/3934-2/ (mitre; vendor-advisory; x_refsource_UBUNTU)
- www.securityfocus.com/bid/106537 (mitre; vdb-entry; x_refsource_BID)
- bugs.chromium.org/p/project-zero/issues/detail (mitre; x_refsource_MISC)
- gitlab.freedesktop.org/polkit/polkit/commit/c898fdf4b1aafaa04f8ada9d73d77c8bb76e2f81 (mitre; x_refsource_MISC)
- gitlab.freedesktop.org/polkit/polkit/merge_requests/19 (mitre; x_refsource_MISC)
- lists.debian.org/debian-lts-announce/2019/01/msg00021.html (mitre; mailing-list; x_refsource_MLIST)
- lists.debian.org/debian-lts-announce/2019/05/msg00041.html (mitre; mailing-list; x_refsource_MLIST)
- lists.debian.org/debian-lts-announce/2019/05/msg00042.html (mitre; mailing-list; x_refsource_MLIST)
- support.f5.com/csp/article/K22715344 (mitre; x_refsource_CONFIRM)