CVE-2015-3218

Priority
Low
Description
The authentication_agent_new function in
polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit)
before 0.113 allows local users to cause a denial of service (NULL pointer
dereference and polkitd daemon crash) by calling
RegisterAuthenticationAgent with an invalid object path.
References
Bugs
Assigned-to
mdeslaur
Package
Upstream:released (0.105-11)
Ubuntu 17.10 (Artful Aardvark):not-affected (0.105-11)
Ubuntu 12.04 ESM (Precise Pangolin):needed
Ubuntu 14.04 LTS (Trusty Tahr):needed
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (0.105-11)
Ubuntu 17.04 (Zesty Zapus):not-affected (0.105-11)
Patches:
Upstream:http://cgit.freedesktop.org/polkit/commit/?id=48e646918efb2bf0b3b505747655726d7869f31c
More Information

Updated: 2017-10-23 12:20:06 UTC (commit 13562)