CVE-2014-5033

polkit-qt: insecure calling of polkit

Severity Score

9.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions."

KDE kdelibs anterior a 4.14 y kauth anterior a 5.1 no utilizan debidamente D-Bus para la comunicación con una autoridad polkit, lo que permite a usuarios locales evadir las restricciones de acceso mediante el aprovechamiento de una condición de carrera PolkitUnixProcess PolkitSubject a través de un proceso (1) setuid o (2) pkexec, relacionado con el CVE-2013-4288 y 'condiciones de carrera de reuso PID.'

It was found that polkit-qt handled authorization requests with PolicyKit via a D-Bus API that is vulnerable to a race condition. A local user could use this flaw to bypass intended PolicyKit authorizations.

Polkit-qt is a library that lets developers use the PolicyKit API through a Qt-styled API. The polkit-qt library is used by the KDE Authentication Agent, which is a part of kdelibs. It was found that polkit-qt handled authorization requests with PolicyKit via a D-Bus API that is vulnerable to a race condition. A local user could use this flaw to bypass intended PolicyKit authorizations. This update modifies polkit-qt to communicate with PolicyKit via a different API that is not vulnerable to the race condition. All polkit-qt users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Medium

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2014-07-22 CVE Reserved
2014-07-31 CVE Published
2023-03-08 EPSS Updated
2024-08-06 CVE Updated
2024-08-06 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CAPEC

References (12)

URL	Tag	Source
http://quickgit.kde.org/?p=kauth.git&a=commit&h=341b7d84b6d9c03cf56905cb277b47e11c81482a	X_refsource_confirm
http://secunia.com/advisories/60385	Third Party Advisory
http://secunia.com/advisories/60633	Third Party Advisory
http://secunia.com/advisories/60654	Third Party Advisory

URL	Date	SRC
http://quickgit.kde.org/?p=kdelibs.git&a=commitdiff&h=e4e7b53b71e2659adaf52691d4accc3594203b23	2024-08-06

URL	Date	SRC

URL	Date	SRC
http://lists.opensuse.org/opensuse-updates/2014-08/msg00012.html	2014-10-16
http://rhn.redhat.com/errata/RHSA-2014-1359.html	2014-10-16
http://www.debian.org/security/2014/dsa-3004	2014-10-16
http://www.kde.org/info/security/advisory-20140730-1.txt	2014-10-16
http://www.ubuntu.com/usn/USN-2304-1	2014-10-16
https://access.redhat.com/security/cve/CVE-2014-5033	2014-10-06
https://bugzilla.redhat.com/show_bug.cgi?id=1094890	2014-10-06

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Debian Search vendor "Debian"		Kde4libs Search vendor "Debian" for product "Kde4libs"				-		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"		lts		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"		lts		Affected
Kde Search vendor "Kde"		Kauth Search vendor "Kde" for product "Kauth"				<= 5.0 Search vendor "Kde" for product "Kauth" and version " <= 5.0"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				<= 4.13.97 Search vendor "Kde" for product "Kdelibs" and version " <= 4.13.97"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.10.0 Search vendor "Kde" for product "Kdelibs" and version "4.10.0"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.10.1 Search vendor "Kde" for product "Kdelibs" and version "4.10.1"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.10.2 Search vendor "Kde" for product "Kdelibs" and version "4.10.2"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.10.3 Search vendor "Kde" for product "Kdelibs" and version "4.10.3"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.10.95 Search vendor "Kde" for product "Kdelibs" and version "4.10.95"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.10.97 Search vendor "Kde" for product "Kdelibs" and version "4.10.97"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.11.0 Search vendor "Kde" for product "Kdelibs" and version "4.11.0"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.11.1 Search vendor "Kde" for product "Kdelibs" and version "4.11.1"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.11.2 Search vendor "Kde" for product "Kdelibs" and version "4.11.2"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.11.3 Search vendor "Kde" for product "Kdelibs" and version "4.11.3"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.11.4 Search vendor "Kde" for product "Kdelibs" and version "4.11.4"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.11.5 Search vendor "Kde" for product "Kdelibs" and version "4.11.5"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.11.80 Search vendor "Kde" for product "Kdelibs" and version "4.11.80"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.11.90 Search vendor "Kde" for product "Kdelibs" and version "4.11.90"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.11.95 Search vendor "Kde" for product "Kdelibs" and version "4.11.95"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.11.97 Search vendor "Kde" for product "Kdelibs" and version "4.11.97"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.12.0 Search vendor "Kde" for product "Kdelibs" and version "4.12.0"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.12.1 Search vendor "Kde" for product "Kdelibs" and version "4.12.1"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.12.2 Search vendor "Kde" for product "Kdelibs" and version "4.12.2"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.12.3 Search vendor "Kde" for product "Kdelibs" and version "4.12.3"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.12.4 Search vendor "Kde" for product "Kdelibs" and version "4.12.4"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.12.5 Search vendor "Kde" for product "Kdelibs" and version "4.12.5"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.12.80 Search vendor "Kde" for product "Kdelibs" and version "4.12.80"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.12.90 Search vendor "Kde" for product "Kdelibs" and version "4.12.90"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.12.95 Search vendor "Kde" for product "Kdelibs" and version "4.12.95"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.12.97 Search vendor "Kde" for product "Kdelibs" and version "4.12.97"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.13.0 Search vendor "Kde" for product "Kdelibs" and version "4.13.0"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.13.1 Search vendor "Kde" for product "Kdelibs" and version "4.13.1"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.13.2 Search vendor "Kde" for product "Kdelibs" and version "4.13.2"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.13.3 Search vendor "Kde" for product "Kdelibs" and version "4.13.3"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.13.80 Search vendor "Kde" for product "Kdelibs" and version "4.13.80"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.13.90 Search vendor "Kde" for product "Kdelibs" and version "4.13.90"		-		Affected
Kde Search vendor "Kde"		Kdelibs Search vendor "Kde" for product "Kdelibs"				4.13.95 Search vendor "Kde" for product "Kdelibs" and version "4.13.95"		-		Affected