|
Message-ID: <56d94fb3-cb73-c541-b62b-4239a28afea1@rs-labs.com>
Date: Wed, 26 Jan 2022 12:18:07 +0100
From: Roman Medina-Heigl Hernandez <roman@...labs.com>
To: oss-security@...ts.openwall.com
Subject: Re: pwnkit: Local Privilege Escalation in polkit's
pkexec (CVE-2021-4034)
Exploit by blasty attached (also at:
https://haxx.in/files/blasty-vs-pkexec.c).
PS: Untested because my Debian machine doesn't contain pkexec, even
though Qualy's advisory says it is by default on Debian.
PS2: Since vuln is trivially exploitable other exploits will arise for
sure. Well, indeed there are already other exploits. (eg:
https://github.com/berdav/CVE-2021-4034).
Cheers,
-r
El 25/01/2022 a las 19:04, Sam James escribió:
>
>> On 25 Jan 2022, at 17:57, Qualys Security Advisory <qsa@...lys.com> wrote:
>>
>>
>> Qualys Security Advisory
>> pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)
>> [snip]
> Hi,
>
> For the benefit of downstreams: patch is available in gitlab [0]
> but no release yet.
>
> [0] https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683
>
> Best,
> sam
--
Saludos,
-Román
View attachment "blasty-vs-pkexec.c" of type "text/plain" (2159 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.