PolicyKit could allow unintended access.
Software Description:
- policykit-1: framework for managing administrative policies and privileges
Details:
It was discovered that PolicyKit incorrectly relied on the fork() system
call in the Linux kernel being atomic. A local attacker could possibly use
this issue to gain access to services that have cached authorizations.
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: libpolkit-backend-1-0 0.105-21ubuntu0.4 policykit-1 0.105-21ubuntu0.4 Ubuntu 18.04 LTS: libpolkit-backend-1-0 0.105-20ubuntu0.18.04.5 policykit-1 0.105-20ubuntu0.18.04.5 Ubuntu 16.04 LTS: libpolkit-backend-1-0 0.105-14.1ubuntu0.5 policykit-1 0.105-14.1ubuntu0.5 Ubuntu 14.04 LTS: libpolkit-backend-1-0 0.105-4ubuntu3.14.04.6 policykit-1 0.105-4ubuntu3.14.04.6 After a standard system update you need to reboot your computer to make all the necessary changes.
https://ubuntu.com/security/notices/USN-3934-1
CVE-2019-6133
Get the latest Linux and open source security news straight to your inbox.