FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
36a35d83-c560-11eb-84ab-e0d55e2a8bf9polkit -- local privilege escalation using polkit_system_bus_name_get_creds_sync

Cedric Buissart reports:

The function polkit_system_bus_name_get_creds_sync is used to get the uid and pid of the process requesting the action. It does this by sending the unique bus name of the requesting process, which is typically something like ":1.96", to dbus-daemon. These unique names are assigned and managed by dbus-daemon and cannot be forged, so this is a good way to check the privileges of the requesting process.

The vulnerability happens when the requesting process disconnects from dbus-daemon just before the call to polkit_system_bus_name_get_creds_sync starts. In this scenario, the unique bus name is no longer valid, so dbus-daemon sends back an error reply. This error case is handled in polkit_system_bus_name_get_creds_sync by setting the value of the error parameter, but it still returns TRUE, rather than FALSE. This behavior means that all callers of polkit_system_bus_name_get_creds_sync need to carefully check whether an error was set. If the calling function forgets to check for errors then it will think that the uid of the requesting process is 0 (because the AsyncGetBusNameCredsData struct is zero initialized). In other words, it will think that the action was requested by a root process, and will therefore allow it.


Discovery 2021-06-03
Entry 2021-06-04
polkit
lt 0.119

CVE-2021-3560
https://seclists.org/oss-sec/2021/q2/180
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3560
https://gitlab.freedesktop.org/polkit/polkit/-/commit/a04d13a
0f8bf913-7efa-11ec-8c04-2cf05d620eccpolkit -- Local Privilege Escalation

Qualys reports:

We discovered a Local Privilege Escalation (from any user to root) in polkit's pkexec, a SUID-root program that is installed by default on every major Linux distribution.


Discovery 2022-01-25
Entry 2022-01-26
polkit
lt 0.120_1

CVE-2021-4034
https://seclists.org/oss-sec/2022/q1/80
ports/261482