Linux PolicyKit Vulnerability Allows for Super User

A vulnerability present in Linux’s PolicyKit application allows users with a user-id (UID) greater than the INT_MAX variable, which is set to 2147483647, to execute any systemctl command. It affects PolicyKit version 0.115, which is pre-installed on most Linux distributions. The vulnerability exists due to PolicyKit’s improper validation of permission requests for low-level users. Until a patch is released, it is recommended that administrators not allow any negative UIDs or UIDs greater than 21247483646. This vulnerability has been categorized by MITRE as CVE-2018-19788. The NJCCIC recommends reviewing the Red Hat advisory and following the recommended mitigations.

AdvisoryNJCCICLinux