CVE-2016-2568

Published: 13 February 2017

pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

Notes

| Author | Note |
|---|---|
| mdeslaur | no fix available as of 2021-05-26 |
| rodrigo-zaiden | no fix available as of 2022-02-21. |

Priority

Low

CVSS 3 Severity Score

7.8

Status

Package: policykit-1 (Launchpad, Ubuntu, Debian)

| Release | Status |
|---|---|
| artful | Ignored (reached end-of-life) |
| bionic | Deferred |
| cosmic | Ignored (reached end-of-life) |
| disco | Ignored (reached end-of-life) |
| eoan | Ignored (reached end-of-life) |
| focal | Deferred |
| groovy | Ignored (reached end-of-life) |
| hirsute | Ignored (reached end-of-life) |
| impish | Ignored (reached end-of-life) |
| jammy | Deferred |
| kinetic | Deferred |
| lunar | Deferred |
| precise | Ignored (reached end-of-life) |
| trusty | Deferred |
| upstream | Needed |
| wily | Ignored (reached end-of-life) |
| xenial | Deferred |
| yakkety | Ignored (reached end-of-life) |
| zesty | Ignored (reached end-of-life) |

Severity score breakdown

| Parameter | Value |
|---|---|
| Base score | 7.8 |
| Attack vector | Local |
| Attack complexity | High |
| Privileges required | Low |
| User interaction | None |
| Scope | Changed |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H |