Summary:
On January 25, 2022, Qualys disclosed a PwnKit
privilege escalation vulnerability (CVE-2021-4034) that affects the pkexec program installed by default on all major Linux distributions. Pkexec is a component of Polkit (formerly PolicyKit), which controls communication between privileged and non-privileged processes on a Linux system. By exploiting the PwnKit vulnerability, an attacker can escalate privileges on vulnerable hosts and gain root access.
Qualys describes exploitation as trivial, but an attacker must have local access to a vulnerable host. Exploit code is publicly available, but Secureworks(R) Counter Threat Unit(TM) (CTU) researchers have not observed active exploitation as of this publication.
Recommended actions:
Patches have been released for multiple Linux distributions. Customers should review the documentation listed in the references section and apply upgrades or mitigations as appropriate in their environment.
Questions:
If you have any questions or concerns about this advisory, please contact the SOC or please contact us via our support desk – support@empsn.org.uk
References:
- PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034) | Qualys Security Blog
- Linux system service bug gives root on all major distros, exploit released (bleepingcomputer.com)
- Debian — Security Information — DSA-5059-1 policykit-1
- USN-5252-2: PolicyKit vulnerability | Ubuntu security notices | Ubuntu
- CentOS: CESA-2022-0143: Important CentOS 7 httpd | LinuxSecurity.com
- RHSB-2022-001 Polkit Privilege Escalation – (CVE-2021-4034) – Red Hat Customer Portal