Polkit Polkitproject Polkit

Do you want an email whenever new security vulnerabilities are reported in Polkitproject Polkit?

By the Year

In 2022 there have been 3 vulnerabilities in Polkitproject Polkit with an average score of 7.0 out of ten. Polkit did not have any published security vulnerabilities last year. That is, 3 more vulnerabilities have already been reported in 2022 as compared to last year.

Year Vulnerabilities Average Score
2022 3 7.03
2021 0 0.00
2020 0 0.00
2019 1 6.70
2018 2 6.60

It may take a day or so for new Polkit vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Polkitproject Polkit Security Vulnerabilities

There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion

CVE-2021-4115 5.5 - Medium - February 21, 2022

There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned

It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests

CVE-2021-3560 7.8 - High - February 16, 2022

It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Improper Check for Unusual or Exceptional Conditions

A local privilege escalation vulnerability was found on polkit's pkexec utility

CVE-2021-4034 7.8 - High - January 28, 2022

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.

Memory Corruption

In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed

CVE-2019-6133 6.7 - Medium - January 11, 2019

In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.

Race Condition

A flaw was found in PolicyKit (aka polkit) 0.115

CVE-2018-19788 8.8 - High - December 03, 2018

A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.

Improper Input Validation

A flaw was found in polkit before version 0.116

CVE-2018-1116 4.4 - Medium - July 10, 2018

A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and information disclosure.

AuthZ

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Debian Linux or by Polkitproject? Click the Watch button to subscribe.

subscribe