14 results (0.008 seconds)

CVSS: 6.2EPSS: 0%CPEs: 8EXPL: 1

There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned Se presenta un fallo en polkit que puede permitir a un usuario no privilegiado causar un bloqueo de polkit, debido al agotamiento del descriptor de archivos del proceso. La mayor amenaza de esta vulnerabilidad es la disponibilidad. NOTA: La duración de la interrupción del proceso de polkit está ligada al proceso que falla y a la creación de uno nuevo There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. • http://packetstormsecurity.com/files/172849/polkit-File-Descriptor-Exhaustion.html https://access.redhat.com/security/cve/cve-2021-4115 https://gitlab.com/redhat/centos-stream/rpms/polkit/-/merge_requests/6/diffs?commit_id=bf900df04dc390d389e59aa10942b0f2b15c531e https://gitlab.freedesktop.org/polkit/polkit/-/issues/141 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VGKWCBS6IDZYYDYM2WIWJM5BL7QQTWPF https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat • CWE-400: Uncontrolled Resource Consumption CWE-403: Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak') •

CVSS: 7.8EPSS: 0%CPEs: 56EXPL: 33

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine. • https://github.com/dzonerzy/poc-cve-2021-4034 https://github.com/arthepsy/CVE-2021-4034 https://github.com/berdav/CVE-2021-4034 https://www.exploit-db.com/exploits/50689 https://github.com/PwnFunction/CVE-2021-4034 https://github.com/joeammond/CVE-2021-4034 https://github.com/nikaiw/CVE-2021-4034 https://github.com/ryaagard/CVE-2021-4034 https://github.com/Rvn0xsy/CVE-2021-4034 https://github.com/Ayrx/CVE-2021-4034 https://github.com/zhzyker/CVE-2021-4034& • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 23

It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se ha detectado que polkit podía ser engañado para omitir las comprobaciones de credenciales para las peticiones de D-Bus, elevando los privilegios del solicitante al usuario root. Este fallo podría ser usado por un atacante local no privilegiado para, por ejemplo, crear un nuevo administrador local. • https://www.exploit-db.com/exploits/50011 https://github.com/secnigma/CVE-2021-3560-Polkit-Privilege-Esclation https://github.com/RicterZ/CVE-2021-3560-Authentication-Agent https://github.com/hakivvi/CVE-2021-3560 https://github.com/WinMin/CVE-2021-3560 https://github.com/0dayNinja/CVE-2021-3560 https://github.com/AssassinUKG/Polkit-CVE-2021-3560 https://github.com/chenaotian/CVE-2021-3560 https://github.com/BizarreLove/CVE-2021-3560 https://github.com/cpu0x00/CVE-2021-3560&# • CWE-754: Improper Check for Unusual or Exceptional Conditions CWE-863: Incorrect Authorization •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

gksu-polkit-0.0.3-6.fc18 was reported as fixing the issue in CVE-2012-5617 but the patch was improperly applied and it did not fixed the security issue. Se reportó que gksu-polkit-0.0.3-6.fc18 corrigió el problema en CVE-2012-5617, pero el parche fue aplicado inapropiadamente y no corrigió el problema de seguridad. • http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113182.html http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113218.html https://access.redhat.com/security/cve/cve-2013-4161 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4161 https://security-tracker.debian.org/tracker/CVE-2013-4161 • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

gksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation gksu-polkit: el archivo de configuración de política PolicyKit permisivo permite una escalada de privilegios. • http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113182.html http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113218.html http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099739.html http://www.openwall.com/lists/oss-security/2012/12/12/8 http://www.securityfocus.com/bid/56918 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5617 https://security-tracker.debian.org/tracker/CVE-2012-5617 • CWE-269: Improper Privilege Management •