9178566954
* gnu/packages/patches/polkit-CVE-2021-3560.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/polkit.scm (polkit/fixed): New variable. (polkit)[replacement]: New field.
22 lines
834 B
Diff
22 lines
834 B
Diff
This patch fixes CVE-2021-3560, "local privilege escalation using
|
|
polkit_system_bus_name_get_creds_sync()":
|
|
|
|
https://www.openwall.com/lists/oss-security/2021/06/03/1
|
|
|
|
Patch from <https://gitlab.freedesktop.org/polkit/polkit/-/commit/a04d13a>.
|
|
|
|
diff --git a/src/polkit/polkitsystembusname.c b/src/polkit/polkitsystembusname.c
|
|
index 8daa12cb9093c1d765c7b83654a2b8d0d382378e..8ed13631508dd96624898df90ee2ece4dcf3e1e5 100644
|
|
--- a/src/polkit/polkitsystembusname.c
|
|
+++ b/src/polkit/polkitsystembusname.c
|
|
@@ -435,6 +435,9 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName *system_bus
|
|
while (!((data.retrieved_uid && data.retrieved_pid) || data.caught_error))
|
|
g_main_context_iteration (tmp_context, TRUE);
|
|
|
|
+ if (data.caught_error)
|
|
+ goto out;
|
|
+
|
|
if (out_uid)
|
|
*out_uid = data.uid;
|
|
if (out_pid)
|