AVG-2654 log
| Package | polkit |
| Status | Fixed |
| Severity | High |
| Type | multiple issues |
| Affected | 0.120-3 |
| Fixed | 0.120-5 |
| Current | 125-1 [extra] |
| Ticket | None |
| Created | Fri Mar 25 12:45:15 2022 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-4115 | Medium | No | Denial of service | There is a file descriptor leak in polkit, which can enable an unprivileged user to cause polkit to crash, due to file descriptor exhaustion. |
| CVE-2021-4034 | High | No | Privilege escalation | A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 04 Apr 2022 | ASA-202204-2 | polkit | multiple issues |