Back to search
CVE-2015-3218
Published: Oct 26, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (NULL pointer dereference and polkitd daemon crash) by calling RegisterAuthenticationAgent with an invalid object path.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[polkit-devel] 20150529 Crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent
mailing-list
x_refsource_MLIST
USN-3717-1
vendor-advisory
x_refsource_UBUNTU
FEDORA-2015-11058
vendor-advisory
x_refsource_FEDORA
openSUSE-SU-2015:1927
vendor-advisory
x_refsource_SUSE
FEDORA-2015-11743
vendor-advisory
x_refsource_FEDORA
[polkit-devel] 20150702 polkit-0.113 released
mailing-list
x_refsource_MLIST
76086
vdb-entry
x_refsource_BID
openSUSE-SU-2015:1734
vendor-advisory
x_refsource_SUSE
1035023
vdb-entry
x_refsource_SECTRACK
[polkit-devel] 20150630 Crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now