CVE-2018-19788

Priority
Description
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a
uid greater than INT_MAX to successfully execute any systemctl command.
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):released (0.104-1ubuntu1.4)
Ubuntu 14.04 LTS (Trusty Tahr):released (0.105-4ubuntu3.14.04.5)
Ubuntu 16.04 LTS (Xenial Xerus):released (0.105-14.1ubuntu0.4)
Ubuntu 18.04 LTS (Bionic Beaver):released (0.105-20ubuntu0.18.04.4)
Ubuntu 18.10 (Cosmic Cuttlefish):released (0.105-21ubuntu0.3)
Ubuntu 19.04 (Disco Dingo):released (0.105-25)
Patches:
Upstream:https://gitlab.freedesktop.org/polkit/polkit/commit/2cb40c4d5feeaa09325522bd7d97910f1b59e379
Upstream:https://gitlab.freedesktop.org/polkit/polkit/commit/b534a10727455409acd54018a9c91000e7626126
More Information

Updated: 2019-01-23 20:14:50 UTC (commit 42de7c33087a2de64e194a7e437731f2a8200bf8)