| Errata ID | 299 |
|---|---|
| Date | 2015-09-02 |
| Source package | policykit-1 |
| Fixed in version | 0.105-3.22.201508282222 |
| Description | Multiple security vulnerabilities have been fixed in policykit-1: * Local privilege escalation due to predictable authentication session cookie values (CVE-2015-4625). * Memory corruption vulnerability in handling duplicate action IDs, possibly leading to local privilege escalation (CVE-2015-3255). * Denial of service issue which allowed any local user to crash polkitd (CVE-2015-3218). |
| Additional notes | |
| CVE ID | CVE-2015-4625 CVE-2015-3255 CVE-2015-3218 |
| UCS Bug number | #38909 |
