CVE-2015-4625: Integer Overflow
First published: Mon Oct 26 2015(Updated: )
Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fedoraproject Fedora | =21 | |
| Fedoraproject Fedora | =22 | |
| openSUSE openSUSE | =13.1 | |
| openSUSE openSUSE | =13.2 | |
| Polkit Project Polkit | <=0.112 | |
| debian/policykit-1 | 0.105-31+deb11u1 122-3 125-2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2015/06/08/3
- http://www.openwall.com/lists/oss-security/2015/06/09/1
- http://www.openwall.com/lists/oss-security/2015/06/16/21
- http://lists.freedesktop.org/archives/polkit-devel/2015-May/000419.html
- http://lists.freedesktop.org/archives/polkit-devel/2015-June/000427.html
- http://lists.freedesktop.org/archives/polkit-devel/2015-July/000432.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161721.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162294.html
- http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00010.html
- http://www.securityfocus.com/bid/75267
- http://www.securitytracker.com/id/1035023
- http://lists.opensuse.org/opensuse-updates/2015-11/msg00042.html
- https://launchpad.net/bugs/cve/CVE-2015-4625
- http://lists.freedesktop.org/archives/polkit-devel/2015-June/000425.html
- https://bugs.freedesktop.org/show_bug.cgi?id=90837
- https://bugs.freedesktop.org/show_bug.cgi?id=90832
- https://www.openwall.com/lists/oss-security/2015/06/08/3
- http://cgit.freedesktop.org/polkit/commit/?id=ea544ffc18405237ccd95d28d7f45afef49aca17
- http://cgit.freedesktop.org/polkit/commit/?id=493aa5dc1d278ab9097110c1262f5229bbaf1766
- http://cgit.freedesktop.org/polkit/commit/?id=fb5076b7c05d01a532d593a4079a29cf2d63a228
- https://security-tracker.debian.org/tracker/CVE-2015-4625
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4625
- https://nvd.nist.gov/vuln/detail/CVE-2015-4625
- https://ubuntu.com/security/CVE-2015-4625
Frequently Asked Questions
What is the severity of CVE-2015-4625?
The severity of CVE-2015-4625 is medium with a CVSS score of 4.6.
What is the affected software for CVE-2015-4625?
The affected software includes Fedora 21, Fedora 22, OpenSUSE 13.1, OpenSUSE 13.2, and Red Hat Polkit.
How can local users exploit CVE-2015-4625?
Local users can exploit CVE-2015-4625 by creating a large number of connections, triggering the issuance of a duplicate cookie value and gaining privileges.
Is there a fix available for CVE-2015-4625?
Yes, there is a fix available for CVE-2015-4625. Upgrade to version 0.113 or higher of PolicyKit (aka polkit).
Are there any references for CVE-2015-4625?
Yes, you can refer to the following links for more information: [link1](http://www.openwall.com/lists/oss-security/2015/06/08/3), [link2](http://www.openwall.com/lists/oss-security/2015/06/09/1), [link3](http://www.openwall.com/lists/oss-security/2015/06/16/21).
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- agent/weakness
- agent/severity
- agent/remedy
- agent/description
- agent/references
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- collector/usn-cve
- source/Ubuntu
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/21
- version/fedoraproject fedora/22
- vendor/opensuse
- canonical/opensuse opensuse
- version/opensuse opensuse/13.1
- version/opensuse opensuse/13.2
- vendor/polkit project
- canonical/polkit project polkit
- version/polkit project polkit/0.112
- package-manager/debian