CVE-2011-1485
Published: 19 April 2011
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.
Notes
Author | Note |
---|---|
kees |
older "policykit" package lacks "pkexec" entirely. |
Priority
Status
Package | Release | Status |
---|---|---|
policykit-1
Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
karmic |
Released
(0.94-1ubuntu1.1)
|
|
lucid |
Released
(0.96-2ubuntu0.1)
|
|
maverick |
Released
(0.96-2ubuntu1.1)
|
|
upstream |
Needs triage
|