* CVE-2018-19788 https://gitlab.freedesktop.org/polkit/polkit/issues/74 "A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command." -- CVE listing According to the original issue comments though, this vuln is not only about systemctl commands, but "any PK services". -- Gentoo Security Scout Vladimir Krstulja
Also, upstream has a patch: https://gitlab.freedesktop.org/zbyszek/polkit/commit/2cb40c4d5feeaa09325522bd7d97910f1b59e379
I suggest waiting a bit for this to be merged. https://gitlab.freedesktop.org/polkit/polkit/merge_requests/14
(In reply to Mike Gilbert from comment #2) > I suggest waiting a bit for this to be merged. > > https://gitlab.freedesktop.org/polkit/polkit/merge_requests/14 That PR has been merged and is now closed.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cf27a98f65a37ac7ed9086a08999aec70dc9dfbb commit cf27a98f65a37ac7ed9086a08999aec70dc9dfbb Author: Mike Gilbert <floppym@gentoo.org> AuthorDate: 2018-12-06 23:11:06 +0000 Commit: Mike Gilbert <floppym@gentoo.org> CommitDate: 2018-12-06 23:11:39 +0000 sys-auth/polkit: backport fix for CVE-2018-19788 Bug: https://bugs.gentoo.org/672578 Package-Manager: Portage-2.3.52_p8, Repoman-2.3.12_p20 Signed-off-by: Mike Gilbert <floppym@gentoo.org> sys-auth/polkit/files/CVE-2018-19788.patch | 339 +++++++++++++++++++++++++++++ sys-auth/polkit/polkit-0.115-r2.ebuild | 142 ++++++++++++ 2 files changed, 481 insertions(+)
Let's wait a couple days before stabilizing please.
security@: ping
This issue was resolved and addressed in GLSA 201908-14 at https://security.gentoo.org/glsa/201908-14 by GLSA coordinator Aaron Bauman (b-man).
