VYPR

PolicyKit

by Polkit Org

CVEs (2)

  • CVE-2015-3218Oct 26, 2015
    risk 0.00cvss epss 0.00

    The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (NULL pointer dereference and polkitd daemon crash) by calling RegisterAuthenticationAgent with an…

  • CVE-2013-4288Oct 3, 2013
    risk 0.00cvss epss 0.00

    Race condition in PolicyKit (aka polkit) allows local users to bypass intended PolicyKit restrictions and gain privileges by starting a setuid or pkexec process before the authorization check is performed, related to (1) the polkit_unix_process_new API function, (2) the dbus…