CISA KEV 정보
| 취약점명 | Red Hat Polkit Out-of-Bounds Read and Write Vulnerability |
|---|---|
| 설명 | The Red Hat polkit pkexec utility contains an out-of-bounds read and write vulnerability that allows for privilege escalation with administrative rights. |
| 조치사항 | Apply updates per vendor instructions. |
| 랜섬웨어 캠페인 악용 | Unknown |
| CWE | CWE-787 |
| 등록일 (KEV) | 2022-06-27 |
| 조치 기한 | 2022-07-18 |
| 추가 참고 | https://nvd.nist.gov/vuln/detail/CVE-2021-4034 |
NVD 상세 정보
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HAV:L/AC:L/Au:N/C:C/I:C/A:C설명: A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
CWE: CWE-787 | CWE-125 | CWE-787
참조
- http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html [Exploit, Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html [Third Party Advisory, VDB Entry]
- https://access.redhat.com/security/vulnerabilities/RHSB-2022-001 [Mitigation, Vendor Advisory]
- https://bugzilla.redhat.com/show_bug.cgi?id=2025869 [Issue Tracking, Patch]
- https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf [Third Party Advisory]
- https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683 [Patch]
- https://www.oracle.com/security-alerts/cpuapr2022.html [Patch, Third Party Advisory]
- https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt [Exploit, Mitigation, Third Party Advisory]
- https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/ [Exploit, Third Party Advisory]
- https://www.starwindsoftware.com/security/sw-20220818-0001/ [Third Party Advisory]
- https://www.suse.com/support/kb/doc/?id=000020564 [Third Party Advisory]
- http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html [Exploit, Third Party Advisory, VDB Entry]
- http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html [Third Party Advisory, VDB Entry]
- https://access.redhat.com/security/vulnerabilities/RHSB-2022-001 [Mitigation, Vendor Advisory]
- https://bugzilla.redhat.com/show_bug.cgi?id=2025869 [Issue Tracking, Patch]
- ... 외 9건
This product uses the NVD API but is not endorsed or certified by the NVD.