Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 717712 (CVE-2019-6133) - <sys-auth/polkit-0.116: Start time bypass (CVE-2019-6133)
Summary: <sys-auth/polkit-0.116: Start time bypass (CVE-2019-6133)
Status: RESOLVED FIXED
Alias: CVE-2019-6133
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-04-16 13:28 UTC by GLSAMaker/CVETool Bot
Modified: 2020-10-04 16:12 UTC (History)
2 users (show)

See Also:
Package list:
sys-auth/polkit-0.116-r1
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2020-04-16 13:28:01 UTC 
CVE-2019-6133 (https://nvd.nist.gov/vuln/detail/CVE-2019-6133):
  In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can
  be bypassed because fork() is not atomic, and therefore authorization
  decisions are improperly cached. This is related to lack of uid checking in
  polkitbackend/polkitbackendinteractiveauthority.c.
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-04-16 13:33:07 UTC 
@maintainer(s), please advise if ready for stabilisation or call yourself
Comment 2 Andreas Sturmlechner gentoo-dev 2020-04-16 22:44:29 UTC 
I guess it will be fine.
Comment 3 Agostino Sarubbo gentoo-dev 2020-04-17 06:42:52 UTC 
sparc stable
Comment 4 Agostino Sarubbo gentoo-dev 2020-04-17 06:49:18 UTC 
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2020-04-17 06:50:40 UTC 
arm stable
Comment 6 Agostino Sarubbo gentoo-dev 2020-04-17 06:51:55 UTC 
ppc stable
Comment 7 Agostino Sarubbo gentoo-dev 2020-04-17 06:53:31 UTC 
ppc64 stable
Comment 8 Agostino Sarubbo gentoo-dev 2020-04-17 06:54:43 UTC 
x86 stable
Comment 9 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-04-19 20:28:41 UTC 
arm64 stable
Comment 10 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-06-04 17:13:22 UTC 
@s390: ping
Comment 11 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-07-26 05:23:50 UTC 
GLSA vote: no!
Comment 12 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2020-09-20 16:14:49 UTC 
s390: ping
Comment 13 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-10-04 13:53:48 UTC 
Please cleanup. Dropping s390.
Comment 14 NATTkA bot gentoo-dev 2020-10-04 13:57:03 UTC 
Resetting sanity check; keywords are not fully specified and arches are not CC-ed.
Comment 15 Larry the Git Cow gentoo-dev 2020-10-04 16:07:16 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1bed18530dc535caec4a9fbfe2f9c4de9ac3d730

commit 1bed18530dc535caec4a9fbfe2f9c4de9ac3d730
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2020-10-04 15:58:22 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2020-10-04 15:58:22 +0000

    sys-auth/polkit: Cleanup vulnerable 0.115-r4
    
    Bug: https://bugs.gentoo.org/717712
    Package-Manager: Portage-3.0.8, Repoman-3.0.1
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 sys-auth/polkit/Manifest                           |   1 -
 sys-auth/polkit/files/CVE-2018-19788.patch         | 339 ---------------------
 .../files/polkit-0.115-spidermonkey-60.patch       | 180 -----------
 sys-auth/polkit/polkit-0.115-r4.ebuild             | 144 ---------
 4 files changed, 664 deletions(-)
Comment 16 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-10-04 16:12:07 UTC 
Thank you!