{"id":"DEBIAN-CVE-2016-2568","details":"pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.","modified":"2026-04-28T20:15:21.191300Z","published":"2017-02-13T18:59:00.393Z","upstream":["CVE-2016-2568"],"references":[{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2016-2568"}],"affected":[{"package":{"name":"policykit-1","ecosystem":"Debian:11","purl":"pkg:deb/debian/policykit-1?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.105-31","0.105-31+deb11u1","0.105-31.1","0.105-31.1~deb12u1","0.105-32","0.105-33","0.109-1","0.110-1","0.110-2","0.110-3","0.112-1","0.112-2","0.112-3","0.112-4","0.112-5","0.113-1","0.113-2","0.113-3","0.113-4","0.113-5","0.113-6","0.114-1","0.115-1","0.115-2","0.115-3","0.116-1","0.116-2","0.116-3","0.117-1","0.118-1","0.118-2","0.119-1","0.120-1","0.120-2","0.120-3","0.120-4","0.120-5","0.120-6","121+compat0.1-1","121+compat0.1-2","121+compat0.1-3","121+compat0.1-4","121+compat0.1-5","121+compat0.1-6","121-1","121-2","122-1","122-2","122-3","122-4","123-1","123-2","123-3","124-1","124-2","124-3","125-1","125-2","126-1","126-2","127-1","127-2","127-3"],"ecosystem_specific":{"urgency":"low"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2016-2568.json"}},{"package":{"name":"policykit-1","ecosystem":"Debian:12","purl":"pkg:deb/debian/policykit-1?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["122-3","122-4","123-1","123-2","123-3","124-1","124-2","124-3","125-1","125-2","126-1","126-2","127-1","127-2","127-3"],"ecosystem_specific":{"urgency":"low"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2016-2568.json"}},{"package":{"name":"policykit-1","ecosystem":"Debian:13","purl":"pkg:deb/debian/policykit-1?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"123-1"}]}],"ecosystem_specific":{"urgency":"low"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2016-2568.json"}},{"package":{"name":"policykit-1","ecosystem":"Debian:14","purl":"pkg:deb/debian/policykit-1?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"123-1"}]}],"ecosystem_specific":{"urgency":"low"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2016-2568.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}]}