Hello o/ I have not been able to reproduce this issue on a non-Debian based distro. So far, we do not have evidence that upstream is affected.
I left some testing comments upsteam: https://github.com/polkit-org/polkit/issues/545 This issue affects Ubuntu 24.04+ Desktop and Server. Ubuntu 22.04 is unaffected, which uses policykit-1 version 0.105-33. My personal laptop runs 24.04 server without policykit-1 (or gdm) and I am not affected. If this is verified as a Debian introduced vulnerability, I can assign a CVE. Cheers, Mark
signature.asc
Description: PGP signature
