Polkit Security Vulnerabilities and Issues — Polkit CVE List

Lucene search

Polkit ProjectPolkit

4 matches found

CVE•added 2018/07/10 7:29 p.m.•239 views

CVE-2018-1116

A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and inform...

4.7CVSS4.5AI score0.00048EPSS

CVE•added 2015/10/26 7:59 p.m.•108 views

CVE-2015-3256

PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (memory corruption and polkitd daemon crash) and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."

4.6CVSS6.5AI score0.00077EPSS

CVE•added 2015/10/26 7:59 p.m.•98 views

CVE-2015-3255

The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions.

4.6CVSS4.5AI score0.00106EPSS

CVE•added 2015/10/26 7:59 p.m.•57 views

CVE-2015-4625

Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.

4.6CVSS4.7AI score0.00105EPSS