The _checkPolkitPrivilege function in serviceHelper.py in Back In Time (aka backintime) 1.1.18 and earlier uses a deprecated polkit authorization method (unix-process) that is subject to a race condition (time of check, time of use). With this authorization method, the owner of a process requesting a polkit operation is checked by polkitd via /proc/<pid>/status, by which time the requesting process may have been replaced by a different process with the same PID that has different privileges then the original requester.
References
Link | Resource |
---|---|
https://github.com/bit-team/backintime/commit/7f208dc547f569b689c888103e3b593a48cd1869 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:23:01
Updated: 2022-10-03T16:23:01
Reserved: 2022-10-03T00:00:00
Link: CVE-2017-7572
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-04-06T18:59:00.353
Modified: 2017-04-12T20:48:02.560
Link: CVE-2017-7572
JSON object: View
Redhat Information
No data.
CWE