A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.
[
{
"vendor": "n/a",
"product": "Glib",
"versions": [
{
"version": "Fixed in glib2 2.63.6",
"status": "affected"
}
]
}
]