FS#73505 : [polkit] PLEASE ENTER SUMMARY

FS#73505 - [polkit] PLEASE ENTER SUMMARY

Attached to Project: Arch Linux
Opened by Michael J Evans (mjevans) - Tuesday, 25 January 2022, 22:58 GMT
Last edited by Antonio Rojas (arojas) - Wednesday, 26 January 2022, 08:01 GMT

Task Type	Bug Report
Category	Packages: Extra
Status	Closed
Assigned To	No-one
Architecture	All
Severity	Critical
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Security patch for a critical privilege escalation bug

https://seclists.org/oss-sec/2022/q1/82
https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683

https://seclists.org/oss-sec/2022/q1/80
pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)

I have attached a copy of the plain diff download. Please see upstream (gitlab) for the source of this code that I did not write.

CVE-2021-4034-pkexec.diff (1.8 KiB)

This task depends upon

Closed by Antonio Rojas (arojas)
Wednesday, 26 January 2022, 08:01 GMT
Reason for closing: Fixed
Additional comments about closing: 0.120-4

Comment by Michael J Evans (mjevans) - Tuesday, 25 January 2022, 23:01 GMT

Forgot to fill out the title, oops. If that's correctable please update to something like: CVE-2021-4034 Local Privilege Escalation in polkit's pkexec

Comment by Michael J Evans (mjevans) - Wednesday, 26 January 2022, 02:58 GMT

The security issues page ( https://security.archlinux.org/package/polkit ) doesn't mention CVE-2021-4034; and the fixed version is only in Testing, not stable.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#73505 - [polkit] PLEASE ENTER SUMMARY

Details

Loading...