Vulnerability Description
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Polkit Project | Polkit | 0.115 |
| Debian | Debian Linux | 8.0 |
| Redhat | Enterprise Linux Desktop | 7.0 |
| Redhat | Enterprise Linux Server | 7.0 |
| Redhat | Enterprise Linux Server Aus | 7.6 |
| Redhat | Enterprise Linux Server Eus | 7.6 |
| Redhat | Enterprise Linux Server Tus | 7.6 |
| Redhat | Enterprise Linux Workstation | 7.0 |
| Canonical | Ubuntu Linux | 12.04 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00049.html
- http://www.securityfocus.com/bid/106537Third Party AdvisoryVDB Entry
- https://access.redhat.com/errata/RHSA-2019:0230Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:0420Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:0832Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2699
- https://access.redhat.com/errata/RHSA-2019:2978
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1692Issue TrackingMailing ListThird Party Advisory
- https://git.kernel.org/linus/7b55851367136b1efd84d98fea81ba57a98304cfPatchThird Party Advisory
- https://gitlab.freedesktop.org/polkit/polkit/commit/c898fdf4b1aafaa04f8ada9d73d7PatchThird Party Advisory
- https://gitlab.freedesktop.org/polkit/polkit/merge_requests/19PatchThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2019/01/msg00021.htmlMailing ListThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html
- https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html
- https://support.f5.com/csp/article/K22715344Third Party Advisory
FAQ
What is CVE-2019-6133?
CVE-2019-6133 is a vulnerability with a CVSS score of 6.7 (MEDIUM). In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lac...
How severe is CVE-2019-6133?
CVE-2019-6133 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-6133?
Check the references section above for vendor advisories and patch information. Affected products include: Polkit Project Polkit, Debian Debian Linux, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus.