ALT-PU-2015-1502-1
Closed vulnerabilities
Published: 2015-10-26
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-3218
The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (NULL pointer dereference and polkitd daemon crash) by calling RegisterAuthenticationAgent with an invalid object path.
Severity: LOW (2.1)
References:
- FEDORA-2015-11058
- FEDORA-2015-11058
- FEDORA-2015-11743
- FEDORA-2015-11743
- [polkit-devel] 20150702 polkit-0.113 released
- [polkit-devel] 20150702 polkit-0.113 released
- [polkit-devel] 20150529 Crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent
- [polkit-devel] 20150529 Crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent
- [polkit-devel] 20150630 Crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent
- [polkit-devel] 20150630 Crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent
- openSUSE-SU-2015:1734
- openSUSE-SU-2015:1734
- openSUSE-SU-2015:1927
- openSUSE-SU-2015:1927
- 76086
- 76086
- 1035023
- 1035023
- USN-3717-1
- USN-3717-1