CVE-2018-19788 : A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid g

A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.

Published 2018-12-03 06:29:00

Updated 2019-08-06 17:15:34

Source MITRE

View at NVD, CVE.org

Vulnerability category: Input validation

Products affected by CVE-2018-19788

Debian » Debian Linux » Version: 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 14.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 16.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 18.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 18.10
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
Matching versions
Polkit Project » Polkit » Version: 0.115
cpe:2.3:a:polkit_project:polkit:0.115:*:*:*:*:*:*:*
Matching versions

EPSS FAQ

58.35%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 98 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.0	HIGH	AV:N/AC:L/Au:S/C:C/I:C/A:C	8.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
8.8	HIGH	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

https://gitlab.freedesktop.org/polkit/polkit/issues/74

unprivileged users with UID > INT_MAX can successfully execute any systemctl command (#74) · Issues · polkit / polkit · GitLab
Exploit;Patch;Third Party Advisory
https://usn.ubuntu.com/3861-2/

USN-3861-2: PolicyKit vulnerability | Ubuntu security notices
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3232

RHSA-2019:3232 - Security Advisory - Red Hat Customer Portal
https://security.gentoo.org/glsa/201908-14

polkit: Multiple vulnerabilities (GLSA 201908-14) — Gentoo security

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2019:2046

RHSA-2019:2046 - Security Advisory - Red Hat Customer Portal
https://usn.ubuntu.com/3861-1/

USN-3861-1: PolicyKit vulnerability | Ubuntu security notices
Third Party Advisory
https://www.debian.org/security/2018/dsa-4350

Debian -- Security Information -- DSA-4350-1 policykit-1
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/01/msg00021.html

[SECURITY] [DLA 1644-1] policykit-1 security update
Third Party Advisory

CVEs referencing this url
https://bugs.debian.org/915332

#915332 - policykit-1: CVE-2018-19788: unprivileged users with UID can successfully execute any systemctl command - Debian Bug report logs
Issue Tracking;Mailing List;Third Party Advisory

Jump to