Vulnerabilities (CVE)

Filtered by vendor Lennart Poettering Subscribe
Filtered by product Rkit
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-4326 2 Lennart Poettering, Redhat 2 Rkit, Enterprise Linux 2024-11-21 4.6 MEDIUM N/A
RealtimeKit (aka rtkit) 0.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.