[3.7] polkit: Temporary auth hijacking via PID reuse and non-atomic fork (CVE-2019-6133)
In PolicyKit (aka polkit) 0.115, the “start time” protection mechanism
can be bypassed because fork() is not atomic, and therefore
decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
(from redmine: issue id 10018, created on 2019-02-21)
- parent #10014 (closed)
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information