CVE-2011-1485

Publication date 19 April 2011

Last updated 24 July 2024


Ubuntu priority

Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.

Read the notes from the security team

Status

Package Ubuntu Release Status
policykit-1 10.10 maverick
Fixed 0.96-2ubuntu1.1
10.04 LTS lucid
Fixed 0.96-2ubuntu0.1
9.10 karmic
Fixed 0.94-1ubuntu1.1
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release

Notes


kees

older "policykit" package lacks "pkexec" entirely.

References

Related Ubuntu Security Notices (USN)

    • USN-1117-1
    • PolicyKit vulnerability
    • 19 April 2011

Other references