ACK: [PATCH 0/1][SRU][X/B/C] CVE-2019-6133 - Untrustable process start_time
Khaled Elmously
khalid.elmously at canonical.com
Mon Jan 28 03:51:01 UTC 2019
On 2019-01-25 01:49:36, Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-6133.html
>
> In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be
> bypassed because fork() is not atomic, and therefore authorization decisions
> are improperly cached. This is related to lack of uid checking in
> polkitbackend/polkitbackendinteractiveauthority.c.
>
> This CVE was assigned against PolicyKit but there's a more complete fix
> available for the kernel and the Ubuntu Security Team asked that we include the
> kernel fix.
>
> This is a clean cherry pick to Xenial, Bionic, and Cosmic. I've attempted to
> test this fix with the reproducer in the Project Zero bug report but could not
> get the reproducer to work prior to applying this kernel fix. The results are
> the same after applying this kernel fix (reproducer still doesn't work).
>
> Tyler
>
Acked-by: Khalid Elmously <khalid.elmously at canonical.com>