What is CVE-2018-19788?

CVE-2018-19788 is a vulnerability in N/a. Published 2018-12-03.

Is CVE-2018-19788 known to be exploited?

15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

CVE-2018-19788

A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.

EPSS: 0.596 (98.3th percentile) — read the EPSS interpretation.

USN-3861-1 (x_refsource_UBUNTU, vendor-advisory)
[debian-lts-announce] 20190128 [SECURITY] [DLA 1644-1] policykit-1 security update (mailing-list, x_refsource_MLIST)
USN-3861-2 (x_refsource_UBUNTU, vendor-advisory)
bugs.debian.org/915332 (x_refsource_MISC)
gitlab.freedesktop.org/polkit/polkit/issues/74 (x_refsource_MISC)
DSA-4350 (vendor-advisory, x_refsource_DEBIAN)
RHSA-2019:2046 (x_refsource_REDHAT, vendor-advisory)
GLSA-201908-14 (vendor-advisory, x_refsource_GENTOO)
RHSA-2019:3232 (x_refsource_REDHAT, vendor-advisory)

What is CVE-2018-19788?: CVE-2018-19788 is a vulnerability in N/a. Published 2018-12-03.
Is CVE-2018-19788 known to be exploited?: 15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.