VDB
DEBIAN-CVE-2018-19788
DEBIAN-CVE-2018-19788
PUBLISHED
CVSS 8.800000190734863 HIGH
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.
Risk Scores
CVSS 3.0
8.800000190734863
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | policykit-1 | 0, 0, 0 |
| Debian:13 | policykit-1 | 0, 0, 0 |
| Debian:12 | policykit-1 | 0, 0, 0 |
| Debian:14 | policykit-1 | 0, 0, 0 |
Exploit Intelligence
- Silly easy exploit for CVE-2018-19788 (github-poc-repo)
- Ansible role to check the vulnerability tracked as CVE-2018-19788, impacts PolicyKit version 0.115 which comes pre-installed on a wide range of Linux distributions (github-poc-repo)
- Leveraging CVE-2018-19788 without root shells (github-poc-repo)
- Exploiting The CVE-2018-19788 PolicyKit Bug (github-poc-repo)
- Exploiting The CVE-2018-19788 PolicyKit Bug (github-poc)
- Leveraging CVE-2018-19788 without root shells (github-poc)
- Ansible role to check the vulnerability tracked as CVE-2018-19788, impacts PolicyKit version 0.115 which comes pre-installed on a wide range of Linux distributions (github-poc)
- Silly easy exploit for CVE-2018-19788 (github-poc)
Timeline
- Dec 3, 2018 CVE Published
- Apr 28, 2026 CVE Updated