~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to active/CVE-2015-3218

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
Candidate: CVE-2015-3218
2
 
PublicDate: 2015-10-26
3
 
References:
4
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3218
5
 
 http://lists.freedesktop.org/archives/polkit-devel/2015-May/000420.html
6
 
Description:
7
 
 The authentication_agent_new function in
8
 
 polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit)
9
 
 before 0.113 allows local users to cause a denial of service (NULL pointer
10
 
 dereference and polkitd daemon crash) by calling
11
 
 RegisterAuthenticationAgent with an invalid object path.
12
 
Ubuntu-Description:
13
 
Notes:
14
 
Bugs:
15
 
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787932
16
 
 https://bugs.freedesktop.org/show_bug.cgi?id=90829
17
 
Priority: low
18
 
Discovered-by: Tavis Ormandy
19
 
Assigned-to: mdeslaur
20
 
 
21
 
Patches_policykit-1:
22
 
 upstream: http://cgit.freedesktop.org/polkit/commit/?id=48e646918efb2bf0b3b505747655726d7869f31c
23
 
upstream_policykit-1: released (0.105-11)
24
 
precise_policykit-1: ignored (reached end-of-life)
25
 
precise/esm_policykit-1: needed
26
 
trusty_policykit-1: needed
27
 
utopic_policykit-1: ignored (reached end-of-life)
28
 
vivid_policykit-1: ignored (reached end-of-life)
29
 
vivid/stable-phone-overlay_policykit-1: ignored (reached end-of-life)
30
 
vivid/ubuntu-core_policykit-1: DNE
31
 
wily_policykit-1: not-affected (0.105-11)
32
 
xenial_policykit-1: not-affected (0.105-11)
33
 
yakkety_policykit-1: not-affected (0.105-11)
34
 
zesty_policykit-1: not-affected (0.105-11)
35
 
artful_policykit-1: not-affected (0.105-11)
36
 
bionic_policykit-1: not-affected (0.105-11)
37
 
devel_policykit-1: not-affected (0.105-11)