Unrated severityNVD Advisory· Published Oct 26, 2015· Updated Jun 17, 2026
CVE-2015-3255
CVE-2015-3255
Description
The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- osv-coords5 versionspkg:rpm/suse/polkit&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/polkit&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/polkit&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/polkit&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/polkit&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012
< 0.113-4.1+ 4 more
- (no CPE)range: < 0.113-4.1
- (no CPE)range: < 0.113-4.1
- (no CPE)range: < 0.113-4.1
- (no CPE)range: < 0.113-4.1
- (no CPE)range: < 0.113-4.1
Patches
Vulnerability mechanics
References
8- lists.freedesktop.org/archives/polkit-devel/2015-July/000432.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-10/msg00010.htmlnvd
- lists.opensuse.org/opensuse-updates/2015-11/msg00042.htmlnvd
- www.securitytracker.com/id/1035023nvd
- bugs.freedesktop.org/show_bug.cginvd
- bugzilla.redhat.com/show_bug.cginvd
- security.gentoo.org/glsa/201611-07nvd
- usn.ubuntu.com/3717-2/nvd
News mentions
0No linked articles in our index yet.