公告ID: KYLIN-2019-6133
安全等级: 重要
产品: Kylin V3
发布日期: 2019年1月9日
CVE: CVE-2019-6133
CVSS3评分: 7.3
概述:
None 描述:
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c. 系统版本:
KYLIN 3.2.x
KYLIN 3.3.x
受影响包列表:
polkit
polkit