It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local malicious user to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
polkit project polkit |
||
debian debian linux 11.0 |
||
canonical ubuntu linux 20.04 |
||
redhat virtualization 4.0 |
||
redhat virtualization_host 4.0 |
||
redhat openshift_container_platform 4.7 |
Error handling? Nah, let's just unlock everything and be done with it
A seven-year-old privilege escalation vulnerability that's been lurking in several Linux distributions was patched last week in a coordinated disclosure. In a blog post on Thursday, GitHub security researcher Kevin Backhouse recounted how he found the bug (CVE-2021-3560) in a service called polkit associated with systemd, a common Linux system and service manager component. Introduced in commit bfa5036 seven years ago and initially shipped in polkit version 0.113, the bug traveled different path...