rpm package
suse/polkit&distro=SUSE Linux Enterprise Micro 5.1
pkg:rpm/suse/polkit&distro=SUSE%20Linux%20Enterprise%20Micro%205.1
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-7519 | — | < 0.116-150200.3.15.1 | 0.116-150200.3.15.1 | Jul 14, 2025 | A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-pr | ||
| CVE-2021-4115 | — | < 0.116-3.9.1 | 0.116-3.9.1 | Feb 21, 2022 | There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and | ||
| CVE-2021-4034 | — | KEV | < 0.116-3.6.1 | 0.116-3.6.1 | Jan 28, 2022 | A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the callin |
- CVE-2025-7519Jul 14, 2025affected < 0.116-150200.3.15.1fixed 0.116-150200.3.15.1
A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-pr
- CVE-2021-4115Feb 21, 2022affected < 0.116-3.9.1fixed 0.116-3.9.1
There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and
- affected < 0.116-3.6.1fixed 0.116-3.6.1
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the callin