A flaw was found in polkit. When a requesting process disconnects from dbus-daemon just before the call to polkit_system_bus_name_get_creds_sync starts, the process cannot get a unique uid and pid of the process and it cannot verify the privileges of the requesting process (CVE-2021-3560).

OSVersionArchitecturePackageVersionFilename
Mageia7noarchpolkit< 0.116-1.1polkit-0.116-1.1.mga7
Mageia8noarchpolkit< 0.118-1.1polkit-0.118-1.1.mga8

OS	Version	Architecture	Package	Version	Filename
Mageia	7	noarch	polkit	< 0.116-1.1	polkit-0.116-1.1.mga7
Mageia	8	noarch	polkit	< 0.118-1.1	polkit-0.118-1.1.mga8

References

access.redhat.com/errata/RHSA-2021:2238

bugs.mageia.org/show_bug.cgi?id=29076

almalinux 1

osv 3

packetstorm 2

f5 1

githubexploit 26

openvas 16

gentoo 1

ubuntu 1

nessus 29

fedora 2

cvelist 1

cve 1

altlinux 1

suse 2

cisa_kev 1

redhatcve 1

cbl_mariner 1

redhat 8

redos 1

photon 8

attackerkb 1

thn 3

veracode 1

archlinux 1

rocky 1

alpinelinux 1

zdt 2

debiancve 1

freebsd 1

slackware 1

prion 1

ubuntucve 1

oraclelinux 1

exploitdb 1

github 2

seebug 1

rapid7blog 1

trellix 2

oracle 1

almalinux

Important: polkit security update

2021-06-03 07:54:47

osv

CVE-2021-3560

2022-02-16 19:15:08

policykit-1 vulnerability

2021-06-03 10:51:20

Important: polkit security update

2021-06-03 07:54:47

packetstorm

Polkit D-Bus Authentication Bypass

2021-07-09 00:00:00

Polkit 0.105-26 0.117-2 Privilege Escalation

2021-06-15 00:00:00

K41410307 : polkit vulnerability CVE-2021-3560

2021-07-14 00:00:00

githubexploit

Exploit for CVE-2021-3560

2021-07-26 07:08:36

Exploit for Improper Check for Unusual or Exceptional Conditions in Polkit Project Polkit

2022-05-02 23:56:31

Exploit for Improper Check for Unusual or Exceptional Conditions in Polkit Project Polkit

2021-07-28 06:05:46

openvas

Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2021-2561)

2021-09-28 00:00:00

Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2021-2311)

2021-08-09 00:00:00

Ubuntu: Security Advisory (USN-4980-1)

2021-06-04 00:00:00

gentoo

polkit: Privilege escalation

2021-07-13 00:00:00

ubuntu

polkit vulnerability

2021-06-03 00:00:00

nessus

Photon OS 3.0: Polkit PHSA-2021-3.0-0248

2021-06-04 00:00:00

EulerOS Virtualization 2.9.1 : polkit (EulerOS-SA-2021-2738)

2021-11-17 00:00:00

Oracle Linux 8 : polkit (ELSA-2021-2238)

2021-06-04 00:00:00

fedora

[SECURITY] Fedora 34 Update: polkit-0.117-3.fc34.1

2021-06-07 01:16:40

[SECURITY] Fedora 33 Update: polkit-0.117-2.fc33.1

2021-06-19 01:14:12

cvelist

CVE-2021-3560

2022-02-16 00:00:00

cve

CVE-2021-3560

2022-02-16 19:15:00

altlinux

Security fix for the ALT Linux 9 package polkit version 0.116-alt2.M90P.2

2021-06-15 00:00:00

suse

Security update for polkit (important)

2021-07-11 00:00:00

Security update for polkit (important)

2021-06-04 00:00:00

cisa_kev

Red Hat Polkit Incorrect Authorization Vulnerability

2023-05-12 00:00:00

redhatcve

CVE-2021-3560

2021-06-03 07:20:59

cbl_mariner

CVE-2021-3560 affecting package polkit 0.116-7

2022-02-01 04:53:56

redhat

(RHSA-2021:2236) Important: polkit security update

2021-06-03 07:54:08

(RHSA-2021:2238) Important: polkit security update

2021-06-03 07:54:47

(RHSA-2021:2237) Important: polkit security update

2021-06-03 07:54:25

redos

ROS-20211223-06

2021-12-23 00:00:00

photon

Important Photon OS Security Update - PHSA-2021-0037

2021-06-03 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0397

2021-06-03 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0350

2021-06-04 00:00:00

attackerkb

CVE-2021-3560

2022-02-16 00:00:00

thn

7-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access

2021-06-11 07:47:00

12-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access

2022-01-26 05:39:00

Looney Tunables: New Linux Flaw Enables Privilege Escalation on Major Distributions

2023-10-04 07:21:00

veracode

Denial Of Service (DoS)

2021-06-04 22:46:32

archlinux

[ASA-202106-24] polkit: privilege escalation

2021-06-09 00:00:00

rocky

polkit security update

2021-06-03 07:54:47

alpinelinux

CVE-2021-3560

2022-02-16 19:15:00

zdt

Polkit D-Bus Authentication Bypass Exploit

2021-07-10 00:00:00

Polkit 0.105-26 0.117-2 - Local Privilege Escalation Exploit

2021-06-15 00:00:00

debiancve

CVE-2021-3560

2022-02-16 19:15:00

freebsd

polkit -- local privilege escalation using polkit_system_bus_name_get_creds_sync

2021-06-03 00:00:00

slackware

[slackware-security] polkit

2021-06-07 19:07:33

prion

Design/Logic Flaw

2022-02-16 19:15:00

ubuntucve

CVE-2021-3560

2021-06-03 00:00:00

oraclelinux

polkit security update

2021-06-04 00:00:00

exploitdb

Polkit 0.105-26 0.117-2 - Local Privilege Escalation

2021-06-15 00:00:00

github

Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug

2021-06-10 16:00:52

The GitHub Security Lab’s journey to disclosing 500 CVEs in open source projects

2023-09-21 20:56:46

seebug

Linux Polkit权限提升漏洞（CVE-2021-3560）

2021-06-15 00:00:00

rapid7blog

Metasploit Wrap-Up

2021-07-16 19:47:06

trellix

The Bug Report - January 2022 Edition

2022-02-02 00:00:00

The Bug Report - January 2022 Edition

2022-02-02 00:00:00

oracle

Oracle Critical Patch Update Advisory - July 2021

2021-07-20 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

0.012 Low

EPSS

Percentile

84.9%

JSON

Related for MGASA-2021-0244