Updated polkit package and the packages that call polkit fixes security vulnerability
Publication date: 05 Oct 2013Modification date: 05 Oct 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-4288 , CVE-2013-4324 , CVE-2013-4325 , CVE-2013-4326 , CVE-2013-4327
Description
A race condition was found in the way the PolicyKit pkcheck utility
checked process authorization when the process was specified by its
process ID via the --process option. A local user could use this flaw to
bypass intended PolicyKit authorizations and escalate their privileges
(CVE-2013-4288).
Note: Applications that invoke pkcheck with the --process option need to
be modified to use the pid,pid-start-time,uid argument for that option, to
allow pkcheck to check process authorization correctly.
Because of the change in the PolicyKit API, the spice-gtk (CVE-2013-4324),
hplip (CVE-2013-4325), rtkit (CVE-2013-4326), and systemd (CVE-2013-4327)
packages have been updated to use a different API that is not affected by
this PolicyKit vulnerability. The libvirt package will also be updated
for the same reason, but this update will come in a separate advisory.
References
- https://bugs.mageia.org/show_bug.cgi?id=11260
- https://rhn.redhat.com/errata/RHSA-2013-1270.html
- https://rhn.redhat.com/errata/RHSA-2013-1273.html
- https://rhn.redhat.com/errata/RHSA-2013-1274.html
- http://www.ubuntu.com/usn/usn-1959-1/
- http://www.ubuntu.com/usn/usn-1961-1/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4288
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4324
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4325
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4326
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4327
SRPMS
3/core
- polkit-0.107-6.1.mga3
- spice-gtk-0.15-3.1.mga3
- hplip-3.12.9-6.1.mga3
- rtkit-0.11-3.1.mga3
- systemd-195-22.1.mga3
2/core
- polkit-0.104-4.2.mga2
- spice-gtk-0.9-1.2.mga2
- hplip-3.12.4-1.3.mga2
- rtkit-0.10-3.1.mga2
- systemd-44-13.1.mga2