VDB

MAGEIA-2021-244

MAGEIA-2021-244 PUBLISHED

A flaw was found in polkit. When a requesting process disconnects from dbus-daemon just before the call to polkit_system_bus_name_get_creds_sync starts, the process cannot get a unique uid and pid of the process and it cannot verify the privileges of the requesting process (CVE-2021-3560).

Affected Products

VendorProductVersions
Mageiapolkit0, 0.118-1.1.mga8
Mageiapolkit0, 0.116-1.1.mga7

Timeline

  • Jun 8, 2021 CVE Updated
  • Jun 8, 2021 CVE Published
  • Mar 17, 2026 Distribution Patch
  • Mar 17, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›