CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-4115

There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.4%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 2.1

References

Products affected by CVE-2021-4115

Oracle » Zfs Storage Appliance Kit » Version: 8.8

cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8
Polkit Project » Polkit » Version: 0.117

cpe:2.3:a:polkit_project:polkit:0.117
Canonical » Ubuntu Linux » Version: 20.04

cpe:2.3:o:canonical:ubuntu_linux:20.04
Canonical » Ubuntu Linux » Version: 21.10

cpe:2.3:o:canonical:ubuntu_linux:21.10
Debian » Debian Linux » Version: 11.0

cpe:2.3:o:debian:debian_linux:11.0
Fedoraproject » Fedora » Version: 34

cpe:2.3:o:fedoraproject:fedora:34
Fedoraproject » Fedora » Version: 35

cpe:2.3:o:fedoraproject:fedora:35
Redhat » Enterprise Linux » Version: 8.0

cpe:2.3:o:redhat:enterprise_linux:8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-4115

Products

Pricing

Contact Us