CVE-2015-4625

Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:polkit_project:polkit:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-10-26 19:59

Updated : 2024-02-04 18:53


NVD link : CVE-2015-4625

Mitre link : CVE-2015-4625

CVE.ORG link : CVE-2015-4625


JSON object : View

Products Affected

fedoraproject

  • fedora

polkit_project

  • polkit

opensuse

  • opensuse
CWE
CWE-189

Numeric Errors