CVE-2013-4325

Common Vulnerabilities and Exposures


Upstream information

CVE-2013-4325 at MITRE

Description

The check_permission_v1 function in base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process.

NVD CVSS v2 Base Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C)

SUSE information

SUSE Bugzilla entries: 808355, 836931, 836932, 836937, 852368, 864716

SUSE Security Advisories:

List of released packages

Product(s) | Fixed package version(s) | References
SUSE Linux Enterprise Desktop 11 SP2
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Patchnames:
sledsp2-hplip
SUSE Linux Enterprise Desktop 11 SP3
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Patchnames:
sledsp3-hplip
SUSE Linux Enterprise Server 11 SP2
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Patchnames:
slessp2-hplip
SUSE Linux Enterprise Server 11 SP3
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Patchnames:
slessp3-hplip
SUSE Linux Enterprise Server for VMWare 11 SP2
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Patchnames:
slessp2-hplip
SUSE Linux Enterprise Server for VMWare 11 SP3
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Patchnames:
slessp3-hplip
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Builds
SAT Patch Nr: 8775
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • hplip >= 3.11.10-0.6.11.1
  • hplip-hpijs >= 3.11.10-0.6.11.1
Builds
SAT Patch Nr: 8777
openSUSE 12.3
  • hplip >= 3.12.11-2.5.1
  • hplip-debuginfo >= 3.12.11-2.5.1
  • hplip-debugsource >= 3.12.11-2.5.1
  • hplip-hpijs >= 3.12.11-2.5.1
  • hplip-hpijs-debuginfo >= 3.12.11-2.5.1
  • hplip-sane >= 3.12.11-2.5.1
  • hplip-sane-debuginfo >= 3.12.11-2.5.1
Patchnames:
openSUSE-2013-812
openSUSE Evergreen 11.4
  • hplip >= 3.11.5-1.15.1
  • hplip-debuginfo >= 3.11.5-1.15.1
  • hplip-debugsource >= 3.11.5-1.15.1
  • hplip-hpijs >= 3.11.5-1.15.1
  • hplip-hpijs-debuginfo >= 3.11.5-1.15.1
Patchnames:
2013-154