This issue affects the versions of polkit as shipped with Red Hat Enterprise Linux 6 and 7.
Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
CVSS v3 metrics
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
|CVSS3 Base Score||7|
|CVSS3 Base Metrics||CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H|
Affected Packages State
|Red Hat Virtualization 4||polkit||Under investigation|
|Red Hat Enterprise Linux 7||polkit||Affected|
|Red Hat Enterprise Linux 6||polkit||Will not fix|
Do not allow negative UIDs or UIDs greater than 2147483646.