Privilege Escalation via Race Condition in PolicyKit (polkit) 0.96

Privilege Escalation via Race Condition in PolicyKit (polkit) 0.96

CVE-2011-1485 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.

Learn more about our User Device Pen Test.