| Summary: | polkit new security issue CVE-2021-4034 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | andrewsfarm, davidwhodgins, fri, mageia, mandrake, petlaw726, sysadmin-bugs |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK MGA8-32-OK | ||
| Source RPM: | polkit-0.118-1.1.mga8.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2022-01-25 23:11:33 CET
David Walser
2022-01-25 23:11:48 CET
Status comment:
(none) =>
Patch available from upstream Fixed in mga8:
src:
- polkit-0.118-1.1.mga8CC:
(none) =>
mageia Advisory: ======================== Updated polkit packages fix security vulnerability: A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine (CVE-2021-4034). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034 https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt https://access.redhat.com/errata/RHSA-2022:0267 ======================== Updated packages in core/updates_testing: ======================== polkit-0.118-1.1.mga8 libpolkit-gir1.0-0.118-1.1.mga8 libpolkit1_0-0.118-1.1.mga8 libpolkit1-devel-0.118-1.1.mga8 from polkit-0.118-1.1.mga8.src.rpm Whiteboard:
MGA8TOO =>
(none) $ rpm -qa --last |grep ^polkit polkit-kde-agent-1-5.20.4-1.mga8.x86_64 2021-07-13T18:21:38 EDT polkit-0.118-1.1.mga8.x86_64 2021-07-13T18:09:51 EDT Looks like the release needs to be bumped. CC:
(none) =>
davidwhodgins Oh my, you're right. Updated packages in core/updates_testing: ======================== polkit-0.118-1.2.mga8 libpolkit-gir1.0-0.118-1.2.mga8 libpolkit1_0-0.118-1.2.mga8 libpolkit1-devel-0.118-1.2.mga8 from polkit-0.118-1.2.mga8.src.rpm Source RPM:
polkit-0.120-1.mga9.src.rpm =>
polkit-0.118-1.1.mga8.src.rpm
Dave Hodgins
2022-01-26 01:07:39 CET
Keywords:
(none) =>
feedback
David Walser
2022-01-26 01:08:52 CET
Keywords:
feedback =>
(none) Advisory committed to svn using polkit-0.118-1.2.mga8 for the srpm. Keywords:
(none) =>
advisory Got it from the princeton mirror already. Tested on x86_64 and aarch64. Validating. Keywords:
(none) =>
validated_update An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0037.html Resolution:
(none) =>
FIXED That was really quick! Well done :) CC:
(none) =>
fri For what it's worth, tried it on a 32-bit Xfce install on 64-bit hardware (Probook 6550b, i3, server kernel), and it worked perfectly. Also on same hardware, 64-bit Plasma install. Adding the OKs... Whiteboard:
(none) =>
MGA8-64-OK MGA8-32-OK |