Description
pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
Mitigation
Minimal update. May introduce new vulnerabilities or breaking changes.
|
 debian 12 | | =122-3 || =122-4 || =123-1 || =123-2 || =123-3 || =124-1 || =124-2 || =124-3 || =125-1 || =125-2 || =126-1 || =126-2 || =127-1 || =127-2 || =127-3 | - |
debian 13 | | | 123-1 |
debian 11 | | =0.105-31 || =0.105-31+deb11u1 || =0.105-31.1 || =0.105-31.1~deb12u1 || =0.105-32 || =0.105-33 || =0.109-1 || =0.110-1 || =0.110-2 || =0.110-3 || =0.112-1 || =0.112-2 || =0.112-3 || =0.112-4 || =0.112-5 || =0.113-1 || =0.113-2 || =0.113-3 || =0.113-4 || =0.113-5 || =0.113-6 || =0.114-1 || =0.115-1 || =0.115-2 || =0.115-3 || =0.116-1 || =0.116-2 || =0.116-3 || =0.117-1 || =0.118-1 || =0.118-2 || =0.119-1 || =0.120-1 || =0.120-2 || =0.120-3 || =0.120-4 || =0.120-5 || =0.120-6 || =121+compat0.1-1 || =121+compat0.1-2 || =121+compat0.1-3 || =121+compat0.1-4 || =121+compat0.1-5 || =121+compat0.1-6 || =121-1 || =121-2 || =122-1 || =122-2 || =122-3 || =122-4 || =123-1 || =123-2 || =123-3 || =124-1 || =124-2 || =124-3 || =125-1 || =125-2 || =126-1 || =126-2 || =127-1 || =127-2 || =127-3 | - |
debian 14 | | | 123-1 |
 rpm rhel7 | | - | - |
rpm rhel6 | | - | - |
rpm rhel9 | | - | - |
