CVE-2019-6133

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.

References

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00049.html

http://www.securityfocus.com/bid/106537

https://access.redhat.com/errata/RHSA-2019:0230

https://access.redhat.com/errata/RHSA-2019:0420

https://access.redhat.com/errata/RHSA-2019:0832

https://access.redhat.com/errata/RHSA-2019:2699

https://access.redhat.com/errata/RHSA-2019:2978

https://bugs.chromium.org/p/project-zero/issues/detail?id=1692

https://git.kernel.org/linus/7b55851367136b1efd84d98fea81ba57a98304cf

https://gitlab.freedesktop.org/polkit/polkit/commit/c898fdf4b1aafaa04f8ada9d73d77c8bb76e2f81

https://gitlab.freedesktop.org/polkit/polkit/merge_requests/19

https://lists.debian.org/debian-lts-announce/2019/01/msg00021.html

https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html

https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html

https://support.f5.com/csp/article/K22715344

https://usn.ubuntu.com/3901-1/

https://usn.ubuntu.com/3901-2/

https://usn.ubuntu.com/3903-1/

https://usn.ubuntu.com/3903-2/

https://usn.ubuntu.com/3908-1/

https://usn.ubuntu.com/3908-2/

https://usn.ubuntu.com/3910-1/

https://usn.ubuntu.com/3910-2/

https://usn.ubuntu.com/3934-1/

https://usn.ubuntu.com/3934-2/

Details

Source: MITRE

Published: 2019-01-11

Updated: 2020-08-24

Type: CWE-362

Risk Information

CVSS v2

Base Score: 4.4

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.4

Severity: MEDIUM

CVSS v3

Base Score: 6.7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 0.8

Severity: MEDIUM

Tenable Plugins

View all (45 total)

IDNameProductFamilySeverity
146476SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0437-1)NessusSuSE Local Security Checks
high
144538Virtuozzo 6 : polkit / polkit-desktop-policy / polkit-devel / etc (VZLSA-2019-0420)NessusVirtuozzo Local Security Checks
medium
143639SUSE SLES12 Security Update : kernel (SUSE-SU-2020:3503-1)NessusSuSE Local Security Checks
high
131701Juniper Junos Space < 19.2R1 Multiple Vulnerabilities (JSA10951)NessusJunos Local Security Checks
critical
129740RHEL 7 : polkit (RHSA-2019:2978)NessusRed Hat Local Security Checks
medium
128664RHEL 7 : polkit (RHSA-2019:2699)NessusRed Hat Local Security Checks
medium
128006openSUSE Security Update : polkit (openSUSE-2019-1914)NessusSuSE Local Security Checks
medium
127761SUSE SLED12 / SLES12 Security Update : polkit (SUSE-SU-2019:2035-1)NessusSuSE Local Security Checks
medium
127755SUSE SLED15 / SLES15 Security Update : polkit (SUSE-SU-2019:2018-1)NessusSuSE Local Security Checks
medium
127424NewStart CGSL MAIN 4.05 : polkit Vulnerability (NS-SA-2019-0151)NessusNewStart CGSL Local Security Checks
medium
127317NewStart CGSL MAIN 4.06 : polkit Vulnerability (NS-SA-2019-0094)NessusNewStart CGSL Local Security Checks
medium
127244NewStart CGSL CORE 5.04 / MAIN 5.04 : polkit Vulnerability (NS-SA-2019-0055)NessusNewStart CGSL Local Security Checks
medium
126670OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0035) (Spectre)NessusOracleVM Local Security Checks
medium
126610Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4710) (Spectre)NessusOracle Linux Local Security Checks
medium
126557Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4708)NessusOracle Linux Local Security Checks
medium
126299EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-1672)NessusHuawei Local Security Checks
high
126283EulerOS 2.0 SP8 : polkit (EulerOS-SA-2019-1656)NessusHuawei Local Security Checks
high
126122Photon OS 1.0: Polkit PHSA-2019-1.0-0236NessusPhotonOS Local Security Checks
high
125564EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1612)NessusHuawei Local Security Checks
high
125513EulerOS 2.0 SP2 : kernel (EulerOS-SA-2019-1586)NessusHuawei Local Security Checks
high
125478Debian DLA-1799-2 : linux security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)NessusDebian Local Security Checks
high
124431EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1304)NessusHuawei Local Security Checks
high
124258RHEL 6 : polkit (RHSA-2019:0832)NessusRed Hat Local Security Checks
medium
123750Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : policykit-1 vulnerability (USN-3934-1)NessusUbuntu Local Security Checks
medium
123596EulerOS 2.0 SP2 : polkit (EulerOS-SA-2019-1122)NessusHuawei Local Security Checks
medium
123114EulerOS 2.0 SP3 : polkit (EulerOS-SA-2019-1101)NessusHuawei Local Security Checks
medium
122893Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3910-2)NessusUbuntu Local Security Checks
medium
122892Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3910-1)NessusUbuntu Local Security Checks
medium
122813Ubuntu 14.04 LTS : Linux kernel vulnerability (USN-3908-1)NessusUbuntu Local Security Checks
medium
122719CentOS 7 : polkit (CESA-2019:0230)NessusCentOS Local Security Checks
medium
122693EulerOS 2.0 SP5 : polkit (EulerOS-SA-2019-1070)NessusHuawei Local Security Checks
medium
122677Amazon Linux 2 : polkit (ALAS-2019-1171)NessusAmazon Linux Local Security Checks
medium
122669Ubuntu 18.04 LTS : linux-hwe, linux-azure vulnerabilities (USN-3903-2)NessusUbuntu Local Security Checks
high
122668Ubuntu 18.10 : linux, linux-azure, linux-gcp, linux-kvm, linux-raspi2 vulnerabilities (USN-3903-1)NessusUbuntu Local Security Checks
high
122647Ubuntu 14.04 LTS / 16.04 LTS : linux-hwe, linux-aws-hwe, linux-azure, linux-gcp, linux-oracle vulnerabilities (USN-3901-2)NessusUbuntu Local Security Checks
medium
122646Ubuntu 18.04 LTS : linux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-oracle, linux-raspi2 vulnerabilities (USN-3901-1)NessusUbuntu Local Security Checks
medium
122573OracleVM 3.3 / 3.4 : polkit (OVMSA-2019-0008)NessusOracleVM Local Security Checks
medium
122468Scientific Linux Security Update : polkit on SL6.x i386/x86_64 (20190226)NessusScientific Linux Local Security Checks
medium
122465RHEL 6 : polkit (RHSA-2019:0420)NessusRed Hat Local Security Checks
medium
122462Oracle Linux 6 : polkit (ELSA-2019-0420)NessusOracle Linux Local Security Checks
medium
122452CentOS 6 : polkit (CESA-2019:0420)NessusCentOS Local Security Checks
medium
121533Scientific Linux Security Update : polkit on SL7.x x86_64 (20190131)NessusScientific Linux Local Security Checks
medium
121528RHEL 7 : polkit (RHSA-2019:0230)NessusRed Hat Local Security Checks
medium
121524Oracle Linux 7 : polkit (ELSA-2019-0230)NessusOracle Linux Local Security Checks
medium
121423Debian DLA-1644-1 : policykit-1 security updateNessusDebian Local Security Checks
high