Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)

Related Vulnerabilities: CVE-2021-4034  
Source 
                							

                <!--X-Body-Begin-->
<!--X-User-Header-->

oss-sec
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->

By Date

By Thread

</form>

<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)

<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->

From: Dominik Czarnota &lt;dominik.b.czarnota () gmail com&gt;

Date: Wed, 26 Jan 2022 13:54:45 +0100

<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->

<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
Hi,

And many other binaries also do things incorrectly:
- https://grep.app/search?q=%3D%201%3B%20n%20%3C%20argc
- https://grep.app/search?q=%3D%201%3B%20.%20%3C%20argc&amp;regexp=true

But most of them are not suid binaries and also do not perform a write into
argv[].

Cheers,
Disconnect3d

On Wed, 26 Jan 2022 at 13:52, Matthias Schmidt &lt;oss-sec () xosc org&gt; wrote:

Hi,

* Qualys Security Advisory wrote:

Qualys Security Advisory

pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)

This was already mentioned in 2013 in a blog post, however, it seems the
author didn't realize the consequences of their finding:

https://ryiron.wordpress.com/2013/12/16/argv-silliness/

Cheers

        Matthias

<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->

<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->

By Date

By Thread

Current thread:

pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Qualys Security Advisory (Jan 25)

Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Sam James (Jan 25)

Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Roman Medina-Heigl Hernandez (Jan 26)

Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Henri Salo (Jan 26)
Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Erik Auerswald (Jan 26)
Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Chris Boot (Jan 27)

Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Matthias Schmidt (Jan 26)

Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Dominik Czarnota (Jan 26)

Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Kai Lüke (Jan 27)
Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Bastian Blank (Jan 27)

<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started