CVE-2018-19788

NONE EPSS 95.5%
Published Dec 3, 20187y ago ยท Modified Jun 17, 20262w ago
Find Similar
Published Dec 3, 2018 7y ago
Last Modified Jun 17, 2026 2w ago

Description

A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.

Threat Intelligence

EPSS Exploit Probability
95.5% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 8

VendorProductVersionRange
polkit_projectpolkit0.115any
debiandebian_linux8.0any
debiandebian_linux9.0any
canonicalubuntu_linux12.04any
canonicalubuntu_linux14.04any
canonicalubuntu_linux16.04any
canonicalubuntu_linux18.04any
canonicalubuntu_linux18.10any

References 10

Remediation

  • gitlab.freedesktop.org https://gitlab.freedesktop.org/polkit/polkit/issues/74
    ExploitPatchThird Party Advisory