939246 – (CVE-2015-3255) VUL-0: CVE-2015-3255: polkit: Heap-corruption on duplicate ids

Bug 939246 (CVE-2015-3255) - VUL-0: CVE-2015-3255: polkit: Heap-corruption on duplicate ids

Summary: VUL-0: CVE-2015-3255: polkit: Heap-corruption on duplicate ids

Status:	RESOLVED FIXED

Alias:	CVE-2015-3255

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/119193/
Whiteboard:	CVSSv2:RedHat:CVE-2015-3255:4.4:(AV:L...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2015-07-23 13:26 UTC by Johannes Segitz
Modified:	2016-04-27 19:43 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Upstream patch (1.86 KB, patch) 2015-07-23 13:28 UTC, Johannes Segitz	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Johannes Segitz 2015-07-23 13:26:58 UTC

rh#1245673

Heap corruption on duplicate ID in /usr/share/polkit-1/actions
https://bugs.freedesktop.org/show_bug.cgi?id=83590

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1245673
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3255
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3255

Comment 1 Johannes Segitz 2015-07-23 13:28:04 UTC

Created attachment 641832 [details]
Upstream patch

Comment 2 Swamp Workflow Management 2015-07-23 22:00:10 UTC

bugbot adjusting priority

Comment 5 Marcus Meissner 2015-08-04 14:58:04 UTC

SLE11 PolicyKit is good, it passes in a copy:

g_hash_table_insert (already_shown, g_strdup (action_id), (gpointer) 1);

Comment 7 Swamp Workflow Management 2015-10-14 08:10:45 UTC

openSUSE-SU-2015:1734-1: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 933922,935119,939246,943816
CVE References: CVE-2015-3218,CVE-2015-3255,CVE-2015-3256,CVE-2015-4625
Sources used:
openSUSE 13.2 (src):    polkit-0.113-3.8.1
openSUSE 13.1 (src):    polkit-0.113-9.1

Comment 9 Swamp Workflow Management 2015-10-28 11:11:07 UTC

SUSE-SU-2015:1838-1: An update that solves four vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 912889,933922,935119,939246,943816,950114
CVE References: CVE-2015-3218,CVE-2015-3255,CVE-2015-3256,CVE-2015-4625
Sources used:
SUSE Linux Enterprise Workstation Extension 12 (src):    polkit-0.113-4.1
SUSE Linux Enterprise Software Development Kit 12 (src):    polkit-0.113-4.1
SUSE Linux Enterprise Server 12 (src):    polkit-0.113-4.1
SUSE Linux Enterprise Desktop 12 (src):    polkit-0.113-4.1

Comment 10 Swamp Workflow Management 2015-11-06 17:11:50 UTC

openSUSE-SU-2015:1927-1: An update that solves four vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 912889,933922,935119,939246,943816,950114
CVE References: CVE-2015-3218,CVE-2015-3255,CVE-2015-3256,CVE-2015-4625
Sources used:
openSUSE Leap 42.1 (src):    polkit-0.113-6.1

Comment 11 Sebastian Krahmer 2015-11-24 08:53:13 UTC

released