CVE-2015-3218

Low

2.1/10

Summary

The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (NULL pointer dereference and polkitd daemon crash) by calling RegisterAuthenticationAgent with an invalid object path.

Access Complexity: LOW
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: NONE
Availability Impact: PARTIAL

References

Advisory Timeline

Published Oct 26, 2015

CVE-2015-3218

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS