The Qualys research team discovered a memory corruption vulnerability in Polkit's pkexec.

Called CVE-2021-4034, it is a SUID-root program installed by default on all major Linux distributions.

Clearly, the problem lies with a system utility called Polkit.

It grants attackers root user privileges on Linux systems.

A root designates the system administrator account on Linux and UDI stands for "unique identifier".

Namely that the attacker cannot exploit this flaw remotely.

He must log into the system to do so.

The Polkit component

Formerly PolicyKit, Polkit is a component of Unix-like Linux operating systems.

This toolkit helps system administrators manage privileges.

It is installed by default in all Linux distributions.

The pkexec executable, allows users to run commands with administrator rights.

Thus, by using the pkexec command, it is possible to execute commands with elevated privileges, therefore reserved for the system administrator.

Cybersecurity firm Qualys has called the exploit

PwnKit

, and claims that it "allows any unprivileged user to gain full root privileges on a vulnerable host by exploiting this vulnerability in its default configuration."

A vulnerability that has been active for twelve years

Put simply, successful exploitation of the Polkit vulnerability allows any unprivileged user to gain root privileges on the vulnerable host.

This vulnerability has been hidden for more than twelve years and affects all versions of pkexec since its first release in May 2009. This means that the flaw affects all versions of Polkit.

Current Qualys customers can search the Vulnerability Knowledge Base for CVE-2021-4034 to identify all assets vulnerable to this vulnerability.

Note that it is possible to avoid the risk by modifying the rights of the “pkexec” executable with the 

chmod

command .

high tech

FontOnLake: A dreadful malware that targets computers running Linux

high tech

Millions of Bluetooth and WiFi devices threatened by a security breach

  • high tech

  • computer

  • Technology

  • Computer science

  • Cybersecurity

  • linux

  • 0 comment

  • 0 share

    • Share on Messenger

    • Share on Facebook

    • Share on Twitter

    • Share on Flipboard

    • Share on Pinterest

    • Share on Linkedin

    • Send by Mail

  • To safeguard

  • A fault ?

  • To print