High Threat Security Alert (A22-01-20): Vulnerability in Linux Operating Systems


 

Published on: 27 January 2022

Share on Facebook    Share on X   

Description:

A vulnerability was found in a Linux system service called polkit which is installed by default in several Linux distributions.  The proof-of-concept against the vulnerability has been publicly available on the Internet.  A local authenticated attacker may leverage the vulnerability to gain root privilege on a vulnerable system.

Reports indicate that the proof-of-concept (PoC) code for vulnerability (CVE-2021-4034) is publicly available.  System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

 

Affected Systems:

  • Linux operating systems with polkit installed

It is strongly recommended to consult the product vendors if the used Linux systems are affected.

 

Impact:

Successful exploitation could lead to escalation of privilege on a vulnerable system.

 

Recommendation:

The vulnerability is fixed in some of the Linux distributions such as RedHat and Ubuntu.  The following is only a sample list of Linux distributions that are affected.  The list is not exhaustive and it is strongly recommended to consult the product vendors if the used Linux systems are affected.  System administrators should check with their product vendors to confirm if their Linux systems are affected and the availability of patches, and if so, apply the patches or follow the recommendations provided by the product vendors to mitigate the risk.

  • Debian
    https://security-tracker.debian.org/tracker/CVE-2021-4034
  • openSUSE
    https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SGEROI6PUOTOXKFIH2MPKUQ3PI6VWLXQ/
  • Oracle Linux
    https://linux.oracle.com/errata/ELSA-2022-0274.html
  • RedHat
    https://access.redhat.com/security/cve/CVE-2021-4034
  • Slackware
    https://www.slackware.com/security/viewer.php?l=slackware-security&y=2022&m=slackware-security.434679
  • SUSE
    https://www.suse.com/security/cve/CVE-2021-4034.html
  • Ubuntu     
    https://ubuntu.com/security/CVE-2021-4034 

 

More Information:

  • https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034

 



Tag: polkit , Linux
Tags