Bypassing Start Time Protection Mechanism in PolicyKit 0.115
CVE-2019-6133 · MEDIUM Severity
AV:L/AC:M/AU:N/C:P/I:P/A:P
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
Learn more about our Web Application Penetration Testing UK.