PT-2012-1124 · Polkit · Policykit

Samuli Suominen · Published 2012-04-17 · Updated 2023-02-13 · CVE-2011-4945

CVSS v2.0: 6.9 Medium

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

PolicyKit versions prior to 0.104

Description

The issue concerns multiple vulnerabilities in the polkit package that can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited locally, potentially allowing unauthorized access to sensitive data. Specifically, in PolicyKit version 0.103, the default setting of AdminIdentities to "wheel" allows local users in the wheel group to gain root privileges without authentication.

Recommendations

For versions prior to 0.104, update to version 0.104 or later to resolve the issue. As a temporary workaround, consider modifying the AdminIdentities setting to restrict access to root privileges.
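
An audit check for the workaround above, added here as an example and not taken from the advisory or from the polkit project. It assumes the local authority configuration is a set of key-file fragments with a `[Configuration]` section, a semicolon-separated `AdminIdentities` list, and lexical-order override between fragments; the file names and contents are constructed.

```python
import configparser

# Identity prefixes that make every member of a group an administrator.
GROUP_PREFIXES = ("unix-group:", "unix-netgroup:")


def effective_admin_identities(fragments):
    """fragments: {file name: file text}. Return the AdminIdentities list in effect.

    Assumption: fragments apply in lexical order of file name, and a later
    fragment's AdminIdentities replaces an earlier one.
    """
    value = ""
    for name in sorted(fragments):
        parser = configparser.ConfigParser(delimiters=("=",), interpolation=None)
        parser.optionxform = str  # keep key case: AdminIdentities
        parser.read_string(fragments[name], source=name)
        if parser.has_option("Configuration", "AdminIdentities"):
            value = parser.get("Configuration", "AdminIdentities")
    return [item.strip() for item in value.split(";") if item.strip()]


def audit(fragments):
    """Return (identities, findings); findings are group-based admin entries."""
    identities = effective_admin_identities(fragments)
    findings = [i for i in identities if i.startswith(GROUP_PREFIXES)]
    return identities, findings


# Constructed sample input: the default described in the advisory ...
VULNERABLE = {
    "50-default.conf": "[Configuration]\nAdminIdentities=unix-group:wheel\n",
}
# ... and the same default overridden by a later, site-local fragment.
HARDENED = {
    "50-default.conf": "[Configuration]\nAdminIdentities=unix-group:wheel\n",
    "60-site-override.conf": "[Configuration]\nAdminIdentities=unix-user:0\n",
}

if __name__ == "__main__":
    for label, frags in (("vulnerable", VULNERABLE), ("hardened", HARDENED)):
        ids, findings = audit(frags)
        print(label, ids, "REVIEW" if findings else "ok", findings)
```
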

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2015-09652
CVE-2011-4945

Affected Products

Policykit