oss-sec mailing list archives
Re: CVE-2021-4115: polkit: file descriptor leak allows an unprivileged user to cause a crash.
From: Alan Coopersmith <alan.coopersmith () oracle com>
Date: Fri, 18 Feb 2022 11:19:27 -0800
On 2/17/22 13:35, Devon Thompson wrote:
Description:There is an error handing flaw in polkit which can allow an unprivileged user to cause polkit to crash.The crash happens due to process file descriptor exhaustion.NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned.
A more detailed description has been posted at https://securitylab.github.com/advisories/GHSL-2021-077-polkit/
References: https://access.redhat.com/security/cve/cve-2021-4115 https://bugzilla.redhat.com/show_bug.cgi?id=2054127https://pkgs.devel.redhat.com/cgit/rpms/polkit/commit/?h=rhel-8.6.0&id=a71b0b5bb6624858a16bfbc1e721757b243709c6
That last hostname does not resolve (perhaps it's internal to Red Hat?). I'm surprised these are all Red Hat URL's - was this not reported & fixed upstream? I see a query asking about that at https://gitlab.freedesktop.org/polkit/polkit/-/issues/170 but no response, and no commit or merge request yet there. -- -Alan Coopersmith- alan.coopersmith () oracle com Oracle Solaris Engineering - https://blogs.oracle.com/solaris
Current thread:
- CVE-2021-4115: polkit: file descriptor leak allows an unprivileged user to cause a crash. Devon Thompson (Feb 18)
- Re: CVE-2021-4115: polkit: file descriptor leak allows an unprivileged user to cause a crash. Alan Coopersmith (Feb 18)
- Re: CVE-2021-4115: polkit: file descriptor leak allows an unprivileged user to cause a crash. Alan Coopersmith (Feb 18)
- Re: CVE-2021-4115: polkit: file descriptor leak allows an unprivileged user to cause a crash. Alan Coopersmith (Feb 18)