Integer Overflow Vulnerability in PolicyKit Affects Local User Privileges
CVE-2015-4625

Currently unrated

Key Information:

Vendor

Fedoraproject

Status
Fedora
Opensuse
Vendor
CVE Published:
26 October 2015

What is CVE-2015-4625?

The vulnerability exists in the authentication_agent_new_cookie function in PolicyKit prior to version 0.113. An integer overflow issue permits local users to create a high volume of connections, leading to the generation of duplicate cookie values. This flaw can be exploited to escalate privileges on affected systems, potentially enabling unauthorized access to sensitive resources.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.freedesktop.org/archives/polkit-devel/2015-J...
mailing-listx_refsource_MLIST
http://www.securityfocus.com/bid/75267
vdb-entryx_refsource_BID
http://lists.fedoraproject.org/pipermail/package-announce...
vendor-advisoryx_refsource_FEDORA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.