VYPR

rpm package

suse/polkit&distro=SUSE Linux Enterprise Workstation Extension 12

pkg:rpm/suse/polkit&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012

Vulnerabilities (4)

  • CVE-2015-4625Oct 26, 2015
    affected < 0.113-4.1fixed 0.113-4.1

    Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.

  • CVE-2015-3256Oct 26, 2015
    affected < 0.113-4.1fixed 0.113-4.1

    PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (memory corruption and polkitd daemon crash) and possibly gain privileges via unspecified vectors, related to "javascript rule evaluation."

  • CVE-2015-3255Oct 26, 2015
    affected < 0.113-4.1fixed 0.113-4.1

    The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions.

  • CVE-2015-3218Oct 26, 2015
    affected < 0.113-4.1fixed 0.113-4.1

    The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (NULL pointer dereference and polkitd daemon crash) by calling RegisterAuthenticationAgent with an inv