CVE-2025-7519

Summary

A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.

Affected Software

VendorProductVersion RangeStatus
0 <= 126affected

Weaknesses

  • CWE-787: Out-of-bounds Write

Workarounds

There's no known mitigation to this vulnerability other than avoiding the implementation of unknown or untrusted polkit policy files to the system.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References