PolicyKit could allow unintended access.
Software Description:
- policykit-1: framework for managing administrative policies and privileges
Details:
It was discovered that PolicyKit incorrectly handled certain large user
UIDs. A local attacker with a large UID could possibly use this issue to
perform privileged actions.
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: libpolkit-backend-1-0 0.105-21ubuntu0.3 policykit-1 0.105-21ubuntu0.3 Ubuntu 18.04 LTS: libpolkit-backend-1-0 0.105-20ubuntu0.18.04.4 policykit-1 0.105-20ubuntu0.18.04.4 Ubuntu 16.04 LTS: libpolkit-backend-1-0 0.105-14.1ubuntu0.4 policykit-1 0.105-14.1ubuntu0.4 Ubuntu 14.04 LTS: libpolkit-backend-1-0 0.105-4ubuntu3.14.04.5 policykit-1 0.105-4ubuntu3.14.04.5 After a standard system update you need to reboot your computer to make all the necessary changes.
https://ubuntu.com/security/notices/USN-3861-1
CVE-2018-19788
Get the latest Linux and open source security news straight to your inbox.