23 matches found
CLSA-2026-1779368297 polkit: Fix of CVE-2026-4897
CVE-2026-4897: Fix unbounded stdin reads that allow local user to trigger OOM and DoS in setuid helper; add input length checks and limit allocations...
EUVD-2026-16214
A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1 setuid binary via standard input stdin. This unbounded input can lead to an out-of-memory OOM condition, resulting in a Denial of Service DoS for the...
CVE-2026-4897
A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1 setuid binary via standard input stdin. This unbounded input can lead to an out-of-memory OOM condition, resulting in a Denial of Service DoS for the...
EulerOS Virtualization 2.10.0 : polkit (EulerOS-SA-2026-1190)
According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be...
Astra Linux – Vulnerability in Policykit-1
A flaw was discovered in polkit. When processing an XML policy with 32 or more nested elements at depth, an out-of-bounds write vulnerability can be triggered. This issue may lead to a crash or other unexpected behavior, and arbitrary code execution is possible without being detected. To exploit...
EulerOS Virtualization 2.13.0 : polkit (EulerOS-SA-2025-2593)
According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be...
EulerOS 2.0 SP13 : polkit (EulerOS-SA-2025-2306)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This...
EulerOS 2.0 SP11 : polkit (EulerOS-SA-2025-2208)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This...
EUVD-2018-11760
Malware in sbrugna...
EUVD-2025-21350
Malicious code in bioql PyPI...
EulerOS 2.0 SP10 : polkit (EulerOS-SA-2025-2080)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This...
EulerOS 2.0 SP12 : polkit (EulerOS-SA-2025-2052)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This...
TencentOS Server 4: polkit (TSSA-2025:0615)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0615 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
CVE-2025-7519
A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account i...
CVE-2025-7519
A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account i...
CVE-2025-7519 Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write
A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account i...
Linux Distros Unpatched Vulnerability : CVE-2021-4115
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this...
SUSE CVE-2018-1116
A flaw was found in polkit before version 0.116. The implementation of the polkitbackendinteractiveauthoritycheckauthorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and informati...
SUSE CVE-2021-4115
There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being...
CVE-2021-4115
There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being...