[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Is Guix vulnerable to this polkit CVE?

From: jbranso
Subject: Is Guix vulnerable to this polkit CVE?
Date: Thu, 10 Jun 2021 22:35:02 +0000

I just found this article on polkit having a CVE:

It looks pretty nasty...

" The vulnerability enables an unprivileged local user to get a root shell on the system. It’s easy to exploit with a few standard command line tools, as you can see in this short video. In this blog post, I’ll explain how the exploit works and show you where the bug was in the source code. "

In the hacker news comments it is fixed in:

Polkit version 0.119 fixes it, here's the diff:

You all awesome devs have probably already fixed it, but I am just emailing to make sure.



"Aim for stars...because even if you'll fall at least you'll fall on Uranus."

reply via email to

[Prev in Thread] Current Thread [Next in Thread]