Multiple vulnerabilities have been found in PolicyKit, the worst of which may allow a local attacker to gain root privileges.
|Package||sys-auth/polkit on all architectures|
|Affected versions||< 0.104-r1|
|Unaffected versions||>= 0.104-r1|
PolicyKit is a toolkit for controlling privileges for system-wide services.
Multiple vulnerabilities have been found in PolicyKit:
A local attacker could gain elevated privileges or sensitive information.
There is no known workaround at this time.
All PolicyKit users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=sys-auth/polkit-0.104-r1"