#VU32408 Permissions, Privileges, and Access Controls in polkit - CVE-2015-3255

Cybersecurity Help s.r.o.

Published: 2015-10-26 | Updated: 2020-07-28

Vulnerability identifier: #VU32408

Vulnerability risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2015-3255

CWE-ID: CWE-264

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
polkit
Other software / Other software solutions

Vendor: Freedesktop.org

Description

The vulnerability allows a local non-authenticated attacker to read and manipulate data.

The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions.

Mitigation
Install update from vendor's website.

Vulnerable software versions

polkit: 0.91 - 0.112

External links
https://lists.freedesktop.org/archives/polkit-devel/2015-July/000432.html
https://lists.opensuse.org/opensuse-security-announce/2015-10/msg00010.html
https://lists.opensuse.org/opensuse-updates/2015-11/msg00042.html
https://www.securitytracker.com/id/1035023
https://bugs.freedesktop.org/show_bug.cgi?id=83590
https://bugzilla.redhat.com/show_bug.cgi?id=1245673
https://security.gentoo.org/glsa/201611-07
https://usn.ubuntu.com/3717-2/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for polkit

Permissions, Privileges, and Access Controls in Freedesktop polkit

Permissions, Privileges, and Access Controls in polkit (Alpine package)