Another Serious Flaw Found in All Major Linux Distributions

By

A vulnerability in the Polkit pkexec component has been found in the default configuration for all major Linux distributions.

CVE-2021-4034 has been identified. This new vulnerability, named PwnKit, was tracked to an initial commit for pkexec from over 12 years ago. Because of the age of the flaw, every Linux distribution that depends on Polkit is affected. 

The pkexec negotiates the interaction between privileged and unprivileged processes and allows authorized users to execute commands as other users. Researchers at Qualys discovered the pkexec command could be used by local attackers to increase privileges to root in Ubuntu, Debian, Fedora, and CentOS (and warn that it's most likely exploitable in other distributions as well).

It's important to understand that, with this vulnerability, an attacker can gain full root privileges on your system using just the default polkit configuration. 

Of course, two of the major distributions, Ubuntu and Red Hat, have released patches for the vulnerability. Those patches are available for Ubuntu 14.04, 16.04 ESM, 18.04, 20.04, and 21.04, and Red Hat for Workstation and Enterprise products.

For those who use a distribution that has yet to patch this problem, a quick fix is to strip pkexec of the setuid bit with the command:

sudo chmod 0755 /usr/bin/pkexec

If you use one of the listed Ubuntu or Red Hat releases, make sure to update your systems immediately.

01/26/2022

Related content

comments powered by Disqus