CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
43.4%
There is a file descriptor leak in polkit, which can enable an unprivileged user to cause polkit to crash, due to file descriptor exhaustion. (CVE-2021-4115)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | polkit | < 0.118-1.3 | polkit-0.118-1.3.mga8 |
bugs.mageia.org/show_bug.cgi?id=30066
bugzilla.redhat.com/show_bug.cgi?id=2007534
lists.fedoraproject.org/archives/list/[email protected]/thread/KLISGPPFV5UH2W72SRUBNVWZWI7CWAAY/
lists.opensuse.org/archives/list/[email protected]/thread/D6R7S5GYVKZ4LZLTJ5KNEDZRGJISXBAZ/
securitylab.github.com/advisories/GHSL-2021-077-polkit/
www.openwall.com/lists/oss-security/2022/02/18/1
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
43.4%