A vulnerability in Polkit’s pkexec component could allow for local privilege escalation. Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems. It provides an organized way for non-privileged processes to communicate with privileged ones. Polkit is installed by default on all major Linux distributions. Successful exploitation of this vulnerability could result in privilege escalation to root privileges.
More Stories
LSN-0093-1: Kernel Live Patch Security Notice
Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations....
USN-5972-1: Thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a...
CVE-2018-25083
The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval is used on an attacker-supplied Git branch...
USN-5954-2: Firefox regressions
USN-5954-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the...
jpegoptim-1.5.3-1.fc38
FEDORA-2023-ee0bc9afb6 Packages in this update: jpegoptim-1.5.3-1.fc38 Update description: v1.5.3 - fix potential heap-buffer-overflow (read) when using stdin/stdout and processing corrupt...
jpegoptim-1.5.3-1.el9
FEDORA-EPEL-2023-9391e7aeda Packages in this update: jpegoptim-1.5.3-1.el9 Update description: v1.5.3 - fix potential heap-buffer-overflow (read) when using stdin/stdout and processing corrupt...