CVE-2011-1485

EPSS 5.5%

policykit-1 - race condition

發布日:2011/5/31修改日:2026/4/28

描述

Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.

受影響套件(2)

Debian/policykit-1from 0, < 0.101-4
Debian/policykit-1from 0, < 0.96-4+squeeze1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-1485