Multiple vulnerabilities have been found in PolicyKit, the worst of which may allow a local attacker to gain root privileges.
Package | sys-auth/polkit on all architectures |
---|---|
Affected versions | < 0.104-r1 |
Unaffected versions | >= 0.104-r1 |
PolicyKit is a toolkit for controlling privileges for system-wide services.
Multiple vulnerabilities have been found in PolicyKit:
A local attacker could gain elevated privileges or sensitive information.
There is no known workaround at this time.
All PolicyKit users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=sys-auth/polkit-0.104-r1"