Lucene search

RedhatCVE-2021-4115

HistoryFeb 21, 2022 - 10:15 p.m.

CVE-2021-4115

2022-02-2122:15:07

CWE-400

redhat

web.nvd.nist.gov

273

polkit

vulnerability

process

file descriptor

exhaustion

nvd

cve-2021-4115

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

43.4%

JSON

There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned

Affected configurations

Nvd

Vulners

Node

polkit_projectpolkitMatch0.117

Node

redhatenterprise_linuxMatch8.0

Node

fedoraprojectfedoraMatch34

fedoraprojectfedoraMatch35

Node

canonicalubuntu_linuxMatch20.04lts

canonicalubuntu_linuxMatch21.10

Node

debiandebian_linuxMatch11.0

Node

oraclezfs_storage_appliance_kitMatch8.8

VendorProductVersionCPE
polkit_projectpolkit0.117cpe:2.3:a:polkit_project:polkit:0.117:*:*:*:*:*:*:*
redhatenterprise_linux8.0cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
fedoraprojectfedora34cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
fedoraprojectfedora35cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
canonicalubuntu_linux20.04cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
canonicalubuntu_linux21.10cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*
debiandebian_linux11.0cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
oraclezfs_storage_appliance_kit8.8cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
polkit_project	polkit	0.117	cpe:2.3:a:polkit_project:polkit:0.117:::::::*
redhat	enterprise_linux	8.0	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
fedoraproject	fedora	34	cpe:2.3:o:fedoraproject:fedora:34:::::::*
fedoraproject	fedora	35	cpe:2.3:o:fedoraproject:fedora:35:::::::*
canonical	ubuntu_linux	20.04	cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts:::
canonical	ubuntu_linux	21.10	cpe:2.3:o:canonical:ubuntu_linux:21.10:::::::*
debian	debian_linux	11.0	cpe:2.3:o:debian:debian_linux:11.0:::::::*
oracle	zfs_storage_appliance_kit	8.8	cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "polkitd",
    "versions": [
      {
        "version": "0.117",
        "status": "affected"
      }
    ]
  }
]