CVE-2011-1485

EPSS 5.5%

policykit-1 - race condition

Published: 5/31/2011Modified: 4/28/2026

Description

Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.

Affected packages (2)

Debian/policykit-1from 0, < 0.101-4
Debian/policykit-1from 0, < 0.96-4+squeeze1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-1485