CVE-2015-3218 : The authentication_agent_new function in polkitbackend/polkitbackendinteractivea

The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (NULL pointer dereference and polkitd daemon crash) by calling RegisterAuthenticationAgent with an invalid object path.

Published 2015-10-26 19:59:00

Updated 2025-04-12 10:46:41

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of service

Products affected by CVE-2015-3218

Polkit Project » Polkit
Versions up to, including, (<=) 0.112
cpe:2.3:a:polkit_project:polkit:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2015-3218

EPSS FAQ

0.08%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 21 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-3218

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
2.1	LOW	AV:L/AC:L/Au:N/C:N/I:N/A:P	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

References for CVE-2015-3218

http://lists.opensuse.org/opensuse-updates/2015-11/msg00042.html

openSUSE-SU-2015:1927-1: moderate: Security update for polkit

CVEs referencing this url
http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161721.html

[SECURITY] Fedora 22 Update: polkit-0.113-1.fc22

CVEs referencing this url
http://www.securityfocus.com/bid/76086

polkit CVE-2015-3218 Local Denial of Service Vulnerability
http://lists.freedesktop.org/archives/polkit-devel/2015-May/000420.html

Crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent
http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162294.html

[SECURITY] Fedora 21 Update: polkit-0.113-4.fc21

CVEs referencing this url
http://lists.freedesktop.org/archives/polkit-devel/2015-May/000421.html

Crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent
http://lists.freedesktop.org/archives/polkit-devel/2015-July/000432.html

polkit-0.113 released

CVEs referencing this url
https://usn.ubuntu.com/3717-1/

USN-3717-1: PolicyKit vulnerabilities | Ubuntu security notices
http://www.securitytracker.com/id/1035023

PolicyKit Bugs Let Local Users Deny Service or Gain Elevated Privileges - SecurityTracker

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00010.html

[security-announce] openSUSE-SU-2015:1734-1: important: Security update

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2015-3218

Products affected by CVE-2015-3218

Exploit prediction scoring system (EPSS) score for CVE-2015-3218

CVSS scores for CVE-2015-3218

References for CVE-2015-3218