USN-3938-1: systemd vulnerability
8 April 2019
The systemd PAM module could be used to gain additional PolicyKit privileges.
- systemd - system and service manager
Jann Horn discovered that pam_systemd created logind sessions using some
parameters from the environment. A local attacker could exploit this in
order to spoof the active session and gain additional PolicyKit
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.