CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2018-8885
https://notcve.org/view.php?id=CVE-2018-8885
screenresolution-mechanism in screen-resolution-extra 0.17.2 does not properly use the PolicyKit D-Bus API, which allows local users to bypass intended access restrictions by leveraging a race condition via a setuid or pkexec process that is mishandled in a PolicyKitService._check_permission call. screenresolution-mechanism en screen-resolution-extra 0.17.2 no emplea correctamente la API PolicyKit D-Bus API, lo que permite que usuarios locales omitan las restricciones de acceso planeadas aprovechando una condición de carrera mediante un proceso setuid o pkexec que se gestiona de manera incorrecta en una llamada PolicyKitService._check_permission. • https://usn.ubuntu.com/3607-1 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •