Bug 485420 (CVE-2013-4324)

Summary: <net-misc/spice-gtk-0.21: use of insecure polkit libgobject-1 API (CVE-2013-4324)
Product: Gentoo Security
Reporter: Doug Goldstein (RETIRED) <cardoe>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: major
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
Whiteboard: B1 [glsa]
Package list:
Runtime testing required: ---
Bug Depends on: 484486, 485550
Bug Blocks: 485328

Description Doug Goldstein (RETIRED) gentoo-dev 2013-09-19 16:23:37 UTC
<net-misc/spice-0.21: use of insecure polkit libgobject-1 API (CVE-2013-4324)

target keywords: amd64 x86

Please stabilize, arch teams.
Comment 1 Agostino Sarubbo gentoo-dev 2013-09-23 19:12:13 UTC
amd64 stable
Comment 2 Agostino Sarubbo gentoo-dev 2013-10-06 07:51:42 UTC
x86 stable
Comment 3 Sean Amoss (RETIRED) gentoo-dev Security 2013-10-06 14:21:21 UTC
Added to the polkit GLSA.
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2013-10-06 23:26:42 UTC
CVE-2013-4324 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4324):
  spice-gtk 0.14, and possibly other versions, invokes the polkit authority
  using the insecure polkit_unix_process_new API function, which allows local
  users to bypass intended access restrictions by leveraging a
  PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or
  (2) pkexec process, a related issue to CVE-2013-4288.
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2014-06-26 22:59:44 UTC
This issue was resolved and addressed in
 GLSA 201406-27 at http://security.gentoo.org/glsa/glsa-201406-27.xml
by GLSA coordinator Chris Reffett (creffett).