libpolkit.so is vulnerable to command execution. A lack of validation on the user’s UID
allows any user with a value greater than INT_MAX
to successfully execute any systemctl
command.
CPE | Name | Operator | Version |
---|---|---|---|
libpolkit-gobject-1.so | eq | 0.0.0 | |
polkit | eq | 0.112__18.el7_6.1 | |
polkit | eq | 0.112__18.el7 |