Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201611-07
HistoryNov 15, 2016 - 12:00 a.m.

polkit: Heap-corruption on duplicate IDs

2016-11-1500:00:00
Gentoo Foundation
security.gentoo.org
16

0.0004 Low

EPSS

Percentile

5.2%

JSON

Background

polkit is a toolkit for managing policies relating to unprivileged processes communicating with privileged processes.

Description

A vulnerability was discovered in polkit’s polkit_backend_action_pool_init function due to duplicate action IDs in action descriptions.

Impact

Local attackers are able to gain unauthorized privileges on the system.

Workaround

There is no known workaround at this time.

Resolution

All polkit users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=sys-auth/polkit-0.113"
OSVersionArchitecturePackageVersionFilename
Gentooanyallsys-auth/polkit< 0.113UNKNOWN

Related

ubuntucve 1
debiancve 1
prion 1
nessus 13
cve 1
cvelist 1
openvas 12
ubuntu 2
fedora 2
mageia 1
suse 1
freebsd 1
ubuntucve
ubuntucve
CVE-2015-3255
2015-10-26 00:00:00
debiancve
debiancve
CVE-2015-3255
2015-10-26 19:59:00
prion
prion
Design/Logic Flaw
2015-10-26 19:59:00
nessus
nessus
GLSA-201611-07 : polkit: Heap-corruption on duplicate IDs
2016-11-15 00:00:00
EulerOS 2.0 SP3 : polkit (EulerOS-SA-2020-1424)
2020-04-15 00:00:00
Fedora 21 : polkit-0.113-4.fc21 (2015-11743)
2015-07-22 00:00:00
cve
cve
CVE-2015-3255
2015-10-26 19:59:00
cvelist
cvelist
CVE-2015-3255
2015-10-26 19:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3717-2)
2022-08-26 00:00:00
Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2020-1424)
2020-04-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:1838-1)
2021-04-19 00:00:00
ubuntu
ubuntu
PolicyKit vulnerabilities
2018-07-17 00:00:00
PolicyKit vulnerabilities
2018-07-16 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: polkit-0.113-4.fc21
2015-07-21 08:23:46
[SECURITY] Fedora 22 Update: polkit-0.113-1.fc22
2015-07-13 19:09:03
mageia
mageia
Updated polkit package fixes security vulnerabilities
2015-07-05 20:22:03
suse
suse
Security update for polkit (important)
2015-10-14 10:10:10
freebsd
freebsd
polkit -- multiple vulnerabilities
2015-06-03 00:00:00

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for GLSA-201611-07
ubuntucve1debiancve1prion1nessus13cve1cvelist1openvas12ubuntu2fedora2mageia1suse1freebsd1