Lucene search

Veracode Vulnerability DatabaseVERACODE:26819

HistorySep 21, 2020 - 6:19 a.m.

Denial Of Service (DoS)

2020-09-2106:19:49

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.0004 Low

EPSS

Percentile

5.1%

JSON

policykit-1 is vulnerable to denial of service. A NULL pointer dereference in the authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c allows local users to cause crash the application with an invalid object path.

CPENameOperatorVersion
policykit-1:trustyeq0.105-4ubuntu2
policykit-1:trustyeq0.105-4ubuntu2

CPE	Name	Operator	Version
	policykit-1:trusty	eq	0.105-4ubuntu2
	policykit-1:trusty	eq	0.105-4ubuntu2

References

lists.fedoraproject.org/pipermail/package-announce/2015-July/161721.html

lists.fedoraproject.org/pipermail/package-announce/2015-July/162294.html

lists.freedesktop.org/archives/polkit-devel/2015-July/000432.html

lists.freedesktop.org/archives/polkit-devel/2015-May/000420.html

lists.freedesktop.org/archives/polkit-devel/2015-May/000421.html

lists.opensuse.org/opensuse-security-announce/2015-10/msg00010.html

lists.opensuse.org/opensuse-updates/2015-11/msg00042.html

www.securityfocus.com/bid/76086

www.securitytracker.com/id/1035023

usn.ubuntu.com/3717-1/

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for VERACODE:26819