oss-sec mailing list archives
Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)
From: Erik Auerswald <auerswal () unix-ag uni-kl de>
Date: Wed, 26 Jan 2022 15:11:21 +0100
Hi,

On Wed, Jan 26, 2022 at 02:34:26PM +0200, Henri Salo wrote:
> On Wed, Jan 26, 2022 at 12:18:07PM +0100, Roman Medina-Heigl Hernandez wrote:
> > PS: Untested because my Debian machine doesn't contain pkexec, even
> > though Qualys' advisory says it is by default on Debian.
>
> We had a discussion off-list with Roman and this is the case only when
> Debian is updated from previous release to bullseye. In clean installs
> pkexec is installed.

I think this depends on how Debian is installed (e.g., keeping installer
defaults for a desktop system, or using a custom package selection).

The "policykit-1" containing pkexec is "optional" and thus not present
in all Debian installations:

    $ lsb_release -d ; apt-cache show policykit-1 | grep Priority
    Description: Debian GNU/Linux 10 (buster)
    Priority: optional
    Priority: optional

    $ lsb_release -d ; apt-cache show policykit-1 | grep Priority
    Description: Debian GNU/Linux 11 (bullseye)
    Priority: optional
    Priority: optional

Best regards,
Erik
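
Added example, not part of the original message: `apt-cache show` reports package metadata whether or not the package is installed, so this sketch checks the host itself for the policykit-1 package state and for a setuid pkexec binary. The path /usr/bin/pkexec and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): report whether pkexec is actually
# present on this host, independent of the package's "optional" priority.

# classify_pkexec PATH
# Prints "absent", "present-setuid" or "present-no-setuid" for PATH.
classify_pkexec() {
    if [ ! -f "$1" ]; then
        echo "absent"
    elif [ -u "$1" ]; then
        # -u is true when the set-user-ID bit is set on the file
        echo "present-setuid"
    else
        echo "present-no-setuid"
    fi
}

# package_state NAME
# Prints dpkg's status and version for NAME, "not-installed" if dpkg does
# not know the package, or "dpkg-unavailable" on non-dpkg systems.
package_state() {
    if ! command -v dpkg-query >/dev/null 2>&1; then
        echo "dpkg-unavailable"
        return 0
    fi
    dpkg-query -W -f='${Status} ${Version}\n' "$1" 2>/dev/null \
        || echo "not-installed"
}

# report
# One line per check, suitable for collecting across a fleet.
report() {
    echo "policykit-1: $(package_state policykit-1)"
    # Assumed install path; adjust for the distribution at hand.
    echo "/usr/bin/pkexec: $(classify_pkexec /usr/bin/pkexec)"
}

report
```

A status other than "install ok installed" combined with "absent" matches the situation Roman describes; "present-setuid" marks a host where the package version should be compared against the distribution's security advisory.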