CVE-2016-2568
First published: Thu Jan 21 2016(Updated: )
It was reported that when executing a program via "pkexec --user nonpriv program", the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing privilege escalation. Original bug report (contains reproducer): <a class="bz_bug_link bz_status_CLOSED bz_closed bz_public " title="CLOSED ERRATA - pkexec tty hijacking via TIOCSTI ioctl" href="show_bug.cgi?id=1299955">https://bugzilla.redhat.com/show_bug.cgi?id=1299955</a>
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/policykit-1 | <=0.105-31+deb11u1<=122-3<=125-2 | |
| Polkit | ||
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise Linux | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2016/02/26/3
- https://access.redhat.com/security/cve/cve-2016-2568
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816062
- https://bugzilla.redhat.com/show_bug.cgi?id=1300746
- https://ubuntu.com/security/CVE-2016-2568
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1299955
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1300747
- http://seclists.org/oss-sec/2016/q1/443
- https://access.redhat.com/security/updates/classification/
- https://patchwork.kernel.org/patch/9753697/
- https://security-tracker.debian.org/tracker/CVE-2016-2568
- https://bugzilla.redhat.com/show_bug.cgi?id=1299955
- https://launchpad.net/bugs/cve/CVE-2016-2568
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2568
- https://nvd.nist.gov/vuln/detail/CVE-2016-2568
Frequently Asked Questions
What is the severity of CVE-2016-2568?
CVE-2016-2568 is considered a high severity vulnerability due to its potential to allow privilege escalation.
How do I fix CVE-2016-2568?
To fix CVE-2016-2568, update the affected packages in your operating system to the latest versions that have addressed this vulnerability.
Which systems are affected by CVE-2016-2568?
CVE-2016-2568 affects systems utilizing policykit-1 and applications that make use of the TIOCSTI ioctl.
What could happen if CVE-2016-2568 is exploited?
If exploited, CVE-2016-2568 allows an unprivileged user to escalate their privileges to execute commands with higher permissions.
When was CVE-2016-2568 reported?
CVE-2016-2568 was reported in February 2016, raising concerns about the security of systems using affected software.
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-2568
- agent/weakness
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/debian-bugs
- source/Debian
- collector/launchpad-cve
- source/Launchpad
- agent/author
- collector/security-tracker-debian
- agent/software-canonical-lookup
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- agent/event
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-cve
- source/NVD
- package-manager/debian
- vendor/freedesktop
- canonical/polkit
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/6.0
- version/red hat enterprise linux/7.0