CVE-2021-4115

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-4115

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-4115.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-4115

Related

Published

2022-02-21T22:15:07Z

Modified

2025-03-19T02:00:12.007721Z

Downstream

RHSA-2022:1546

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned

References

Affected packages

Debian:11 / policykit-1

Package

Name: policykit-1
Purl: pkg:deb/debian/policykit-1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.105-31

0.105-31+deb11u1

0.105-31.1~deb12u1

0.105-31.1

0.105-32

0.105-33

0.109-1

0.110-1

0.110-2

0.110-3

0.112-1

0.112-2

0.112-3

0.112-4

0.112-5

0.113-1

0.113-2

0.113-3

0.113-4

0.113-5

0.113-6

0.114-1

0.115-1

0.115-2

0.115-3

0.116-1

0.116-2

0.116-3

0.117-1

0.118-1

0.118-2

0.119-1

0.120-1

0.120-2

0.120-3

0.120-4

0.120-5

0.120-6

Other

121-1

121-2

122-1

122-2

122-3

122-4

123-1

123-2

123-3

124-1

124-2

124-3

125-1

125-2

126-1

126-2

121+compat0.*

121+compat0.1-1

121+compat0.1-2

121+compat0.1-3

121+compat0.1-4

121+compat0.1-5

121+compat0.1-6

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / policykit-1

Package

Name: policykit-1
Purl: pkg:deb/debian/policykit-1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.105-32

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / policykit-1

Package

Name: policykit-1
Purl: pkg:deb/debian/policykit-1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.105-32

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / gitlab.freedesktop.org/polkit/polkit

Affected ranges

Type: GIT
Repo: https://gitlab.freedesktop.org/polkit/polkit
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

585f4f2715639394e36319d4918389d26e250e7b

Affected versions

0.*

0.100

0.101

0.102

0.103

0.104

0.105

0.106

0.107

0.108

0.109

0.110

0.111

0.112

0.113

0.114

0.115

0.116

0.117

0.91

0.92

0.93

0.94

0.95

0.96

0.97

0.98

0.99

Other

POLICY_KIT_0_3

POLICY_KIT_0_4

POLICY_KIT_0_5

POLICY_KIT_0_6

POLICY_KIT_0_7

POLICY_KIT_0_8

POLICY_KIT_0_9

start