Bug 13974

Summary: [CVE 21] polkit 0.120 CVEs CVE-2021-4034 EXPLOIT https://www.exploit-db.com/download/50689 found
Product: [ROSA-based products] ROSA Fresh Reporter: Yury <y.tumanov>
Component: System (kernel, glibc, systemd, bash, PAM...)Assignee: ROSA Linux Bugs <bugs>
Status: RESOLVED FIXED QA Contact: ROSA Linux Bugs <bugs>
Severity: blocker    
Priority: Highest CC: s.matveev, y.tumanov
Version: AllFlags: y.tumanov: secteam_verified+
Target Milestone: 2021.1 Fresh R12   
Hardware: All   
OS: Linux   
URL: CVE-2021-4034 https://www.exploit-db.com/download/50689
Whiteboard:
Platform: 2021.1 ROSA Vulnerability identifier:
RPM Package: ISO-related:
Bad POT generating: Upstream:

Description Yury 2023-10-20 15:13:26 MSK 
polkit	0.120	CVE-2021-4034	A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.	7,8	HIGH	7,2	HIGH	CWE-125	CAPEC-540||		Найден	https://nvd.nist.gov/vuln/detail/CVE-2021-4034	https://www.exploit-db.com/download/50689
Comment 1 Svyatoslav Matveev 2023-10-20 17:40:18 MSK 
CVE закрыто,ссылка на коммит
https://abf.io/import/polkit/commit/8984b4c602c4c7db998e39b30b641c4584940ed6
Comment 2 Yury 2023-10-27 16:42:29 MSK 
secteam_verified