CNNVD-202507-1880 Information

CNNVD ID

CNNVD-202507-1880

Related CVE

CVE-2025-7519

• CNNVD Published: 2025-07-14

Description (Chinese)

polkit是一个在类 Unix操作系统中控制系统范围权限的组件。通过定义和审核权限规则，实现不同优先级进程间的通讯。 polkit存在缓冲区错误漏洞，该漏洞源于处理XML策略时越界写入，可能导致崩溃或任意代码执行。

Description (English)

Polkit is a component that controls system range privileges in the UNIX operating system. Communication between different priority processes is achieved by defining and reviewing rules of competence. Polkit has an error loophole in the buffer zone, which stems from cross-border writing in the processing of XML strategies, which could lead to collapse or arbitrary code enforcement.

Hazard Level

High

Vulnerability Type

缓冲区错误

Affected Vendor

polyaxon

Published

2025-07-14

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-7519 https://bugzilla.redhat.com/show_bug.cgi?id=2379675