Commit 0958ffc1 authored by Tobias C. Berner

security/vuxml: document vulnerability in sysutils/polkit

Cedric Buissart reports:

	The function `polkit_system_bus_name_get_creds_sync` is used to get the
	uid and pid of the process requesting the action. It does this by
	sending the unique bus name of the requesting process, which is
	typically something like ":1.96", to `dbus-daemon`. These unique names
	are assigned and managed by `dbus-daemon` and cannot be forged, so this
	is a good way to check the privileges of the requesting process.

	The vulnerability happens when the requesting process disconnects from
	`dbus-daemon` just before the call to
	`polkit_system_bus_name_get_creds_sync` starts. In this scenario, the
	unique bus name is no longer valid, so `dbus-daemon` sends back an error
	reply. This error case is handled in
	`polkit_system_bus_name_get_creds_sync` by setting the value of the
	`error` parameter, but it still returns `TRUE`, rather than `FALSE`.
	This behavior means that all callers of
	`polkit_system_bus_name_get_creds_sync` need to carefully check whether
	an error was set. If the calling function forgets to check for errors
	then it will think that the uid of the requesting process is 0 (because
	the `AsyncGetBusNameCredsData` struct is zero initialized). In other
	words, it will think that the action was requested by a root process,
	and will therefore allow it.

PR:		256405
Security:	CVE-2021-3560 polkit
parent 5f3f4ccb
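
The failure mode described in the report, as an added example that is not code from polkit or from this commit: a credential lookup that sets an error but still returns true, called by code that checks only the return value. All names (`get_creds_flawed`, `get_creds_fixed`, `is_root_naive`, `is_root_checked`, `bus_lookup`) and the bus names and ids are hypothetical and constructed; the "fixed" getter assumes the contract the report implies (return false on error), not the project's actual patch.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for illustration; not polkit's types or functions. */
struct creds { unsigned uid, pid; };
typedef bool (*get_creds_fn)(const char *, struct creds *, const char **);

/* Simulated bus: only ":1.96" is still connected (constructed data). */
static bool bus_lookup(const char *name, struct creds *out) {
    if (strcmp(name, ":1.96") != 0) return false;
    out->uid = 1000; out->pid = 4242;
    return true;
}
/* Flawed contract: sets *err on failure but still returns true, handing
   back the zero-initialized struct (uid 0). */
static bool get_creds_flawed(const char *name, struct creds *out, const char **err) {
    struct creds data = {0};
    if (!bus_lookup(name, &data)) *err = "name has no owner";
    *out = data;
    return true;
}
/* Corrected contract: failure returns false and leaves *out untouched. */
static bool get_creds_fixed(const char *name, struct creds *out, const char **err) {
    struct creds data = {0};
    if (!bus_lookup(name, &data)) { *err = "name has no owner"; return false; }
    *out = data;
    return true;
}
/* Caller that trusts only the return value. */
static bool is_root_naive(get_creds_fn get, const char *name) {
    struct creds c = { .uid = (unsigned)-1 }; const char *err = NULL;
    if (!get(name, &c, &err)) return false;
    return c.uid == 0;
}
/* Defensive caller: also requires that no error was set. */
static bool is_root_checked(get_creds_fn get, const char *name) {
    struct creds c = { .uid = (unsigned)-1 }; const char *err = NULL;
    if (!get(name, &c, &err) || err != NULL) return false;
    return c.uid == 0;
}
int main(void) {
    const char *gone = ":1.200";  /* constructed name, already disconnected */
    printf("flawed getter, naive caller:   %d\n", is_root_naive(get_creds_flawed, gone));
    printf("flawed getter, checked caller: %d\n", is_root_checked(get_creds_flawed, gone));
    printf("fixed getter, naive caller:    %d\n", is_root_naive(get_creds_fixed, gone));
    return 0;
}
```

Only the first combination treats the disconnected name as uid 0; either fixing the getter's return value or checking the error in the caller closes the gap, and initializing the output to a non-root sentinel keeps a missed check from defaulting to root.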