The check_permission_v1 function in base/pkit.py in HP Linux Imaging and
Printing (HPLIP) through 3.13.9 does not properly use D-Bus for
communication with a polkit authority, which allows local users to bypass
intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject
race condition via a (1) setuid process or (2) pkexec process.
Red Hat's patch: https://bugzilla.redhat.com/attachment.cgi?id=796256&action=diff&context=patch&collapsed=&headers=1&format=raw
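The race named in the description above, as an added toy model (not HPLIP's code and not Red Hat's patch): it contrasts polkit's `unix-process` subject, whose uid is resolved from the pid when the check runs, with the `system-bus-name` subject, whose credentials the bus recorded at connect time. `ToyKernel`, `ToyBus`, pid 4242, the uids and the "only uid 0" policy are constructed assumptions, and the real `unix-process` subject also carries a start time that this model omits.

```python
# Toy model: constructed data only, no real D-Bus or polkit calls.

class ToyKernel:
    """pid -> current uid. The uid changes if the process execs a setuid binary."""
    def __init__(self):
        self.uid_of_pid = {}

class ToyBus:
    """Unique bus name -> uid, recorded once when the client connects."""
    def __init__(self, kernel):
        self.kernel = kernel
        self.uid_of_name = {}

    def connect(self, pid):
        name = ":1.%d" % (len(self.uid_of_name) + 1)
        self.uid_of_name[name] = self.kernel.uid_of_pid[pid]
        return name

def subject_uid(subject, kernel, bus):
    """Uid the toy authority ends up making its decision about."""
    kind, details = subject
    if kind == "unix-process":
        return kernel.uid_of_pid[details["pid"]]    # resolved at check time
    if kind == "system-bus-name":
        return bus.uid_of_name[details["name"]]     # fixed at connect time
    raise ValueError("unsupported subject kind: %r" % (kind,))

def is_authorized(subject, kernel, bus):
    # Constructed policy: only uid 0 may perform the action.
    return subject_uid(subject, kernel, bus) == 0

def run_scenario(kind):
    kernel = ToyKernel()
    bus = ToyBus(kernel)
    kernel.uid_of_pid[4242] = 1000                  # unprivileged caller
    sender = bus.connect(4242)
    if kind == "unix-process":
        subject = (kind, {"pid": 4242})
    else:
        subject = (kind, {"name": sender})
    # Between the request and the check, pid 4242 becomes a setuid-root image.
    kernel.uid_of_pid[4242] = 0
    return is_authorized(subject, kernel, bus)

if __name__ == "__main__":
    for kind in ("unix-process", "system-bus-name"):
        print(kind, "->", "authorized" if run_scenario(kind) else "denied")
```

A mechanism that identifies its caller by the D-Bus sender name gets the second behaviour; one that passes the caller's pid gets the first.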
+*hplip-3.13.9 (28 Sep 2013)
+ 28 Sep 2013; Daniel Pielmeier <email@example.com> +hplip-3.13.9.ebuild:
+ Version bump. Includes Red Hat's patch to fix CVE-2013-4325.
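Review bot: The file list on the 28 Sep 2013 entry names only `+hplip-3.13.9.ebuild`, while the message says Red Hat's patch is included; if the patch ships as a separate file, it should appear in the file list too. The message would also be easier to trace if it cited the bug number next to CVE-2013-4325.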
Stabilized and cleaned up as part of Bug 497722.
Arches and Maintainers thank you for your work.
Added to existing GLSA Draft.
This issue was resolved and addressed in
GLSA 201406-27 at http://security.gentoo.org/glsa/glsa-201406-27.xml
by GLSA coordinator Chris Reffett (creffett).