Oval Definition:oval:com.redhat.rhsa:def:20110455
Revision Date:2011-04-19Version:638
Title:RHSA-2011:0455: polkit security update (Important)
Description:PolicyKit is a toolkit for defining and handling authorizations.

  • A race condition flaw was found in the PolicyKit pkexec utility and polkitd daemon. A local user could use this flaw to appear as a privileged user to pkexec, allowing them to execute arbitrary commands as root by running those commands with pkexec. (CVE-2011-1485)

    Red Hat would like to thank Neel Mehta of Google for reporting this issue.

    All polkit users should upgrade to these updated packages, which contain backported patches to correct this issue. The system must be rebooted for this update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2011-1485
    CVE-2011-1485
    RHSA-2011:0455
    RHSA-2011:0455-01
    RHSA-2011:0455-01
    Platform(s):Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • polkit is earlier than 0:0.96-2.el6_0.1
  • AND polkit is signed with Red Hat redhatrelease2 key
  • polkit-desktop-policy is earlier than 0:0.96-2.el6_0.1
  • AND polkit-desktop-policy is signed with Red Hat redhatrelease2 key
  • polkit-devel is earlier than 0:0.96-2.el6_0.1
  • AND polkit-devel is signed with Red Hat redhatrelease2 key
  • polkit-docs is earlier than 0:0.96-2.el6_0.1
  • AND polkit-docs is signed with Red Hat redhatrelease2 key
    • BACK