CVE-2015-4625 — Integer Overflow or Wraparound in Project Polkit

CWE-189 CWE-190 — Integer Overflow or Wraparound CWE-200 — Sensitive Information Exposure9 documents8 sources

Severity

4.6MEDIUMNVD

EPSS

0.1%

top 71.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Polkit Project Polkit Fedoraproject Fedora Opensuse

Timeline

PublishedOct 26

Latest updateMay 14

Description

Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

▶NVDpolkit_project/polkit0.112

▶NVDopensuse/opensuse13.1, 13.2+1

Also affects: Fedora 21, 22

🔴Vulnerability Details

GHSA

GHSA-m24q-4952-3p5h: Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0↗2022-05-14

▶

OSV

CVE-2015-4625: Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0↗2015-10-26

▶

CVEList

CVE-2015-4625: Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0↗2015-10-26

▶

📋Vendor Advisories

Ubuntu

PolicyKit vulnerabilities↗2018-07-16

▶

Red Hat

polkit: potential information disclosure vulnerability due to cookie counter wrapping↗2015-05-29

▶

Debian

CVE-2015-4625: policykit-1 - Integer overflow in the authentication_agent_new_cookie function in PolicyKit (a...↗2015

▶

💬Community

Bugzilla

CVE-2015-4625 polkit: potential information disclosure vulnerability due to cookie counter wrapping [fedora-all]↗2015-06-19

▶

Bugzilla

CVE-2015-4625 polkit: potential information disclosure vulnerability due to cookie counter wrapping↗2015-06-19

▶