CVE-2021-4115

Summary

There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned

Affected Software

VendorProductVersion RangeStatus
n/apolkitd0.117affected

Weaknesses

  • CWE-400: CWE-400

ADP Enrichment

CVE Program Container

Additional References

References