Kevin Backhouse discovered that polkit incorrectly handled errors in the polkitsystembusnamegetcredssync function. A local attacker could possibly use this issue to escalate privileges.
{ "availability": "No subscription required", "binaries": [ { "gir1.2-polkit-1.0": "0.105-26ubuntu1.1", "libpolkit-gobject-1-dev": "0.105-26ubuntu1.1", "libpolkit-agent-1-dev": "0.105-26ubuntu1.1", "libpolkit-gobject-1-0": "0.105-26ubuntu1.1", "libpolkit-gobject-1-0-dbgsym": "0.105-26ubuntu1.1", "libpolkit-agent-1-0-dbgsym": "0.105-26ubuntu1.1", "policykit-1-dbgsym": "0.105-26ubuntu1.1", "policykit-1-doc": "0.105-26ubuntu1.1", "libpolkit-agent-1-0": "0.105-26ubuntu1.1", "policykit-1": "0.105-26ubuntu1.1" } ] }