oss-sec mailing list archives
Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)
From: Henri Salo <henri () nerv fi>
Date: Wed, 26 Jan 2022 14:34:26 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Wed, Jan 26, 2022 at 12:18:07PM +0100, Roman Medina-Heigl Hernandez wrote:
PS: Untested because my Debian machine doesn't contain pkexec, even though Qualy's advisory says it is by default on Debian.
We had discussion off-list with Roman and this is the case only when Debian is updated from previous release to bullseye. In clean installs pkexec is installed. - -- Henri Salo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/aVSDznAZReWTkxKJ633pE6qdXQFAmHxP9EACgkQJ633pE6q dXS1NhAAtX9YcEAsZoHZ2yMohlofBqiRTvAwE2dk4jbhu8/4Kvkz1IP6sVBi6J4S MKF2zSvUW8ydq/MAl2K8viB+O2VcbN0ZZIzYSNN4a1Rjz2AyWUl5fhdqHRQrUqMn O9/FfsgtGmOVBECc4HNwlje9jDP0bZKkqbU9AULsxJrG1QwYGYCV28Ietb4ccJYD d9VqgdYr4W4qqcsycn4Z7wkq7iFS+VkLCX77KVMxr+WuldRFK2FCPa9rHopps+6i 4yKLLYJxF9Z6y8t4d/ZSSckT4GN7fDw3L7WP8HYlJTY16gkOi+MDIlfvTPnLkAH0 YIDvZcDpFMZGWluw2eO8wdkITZAk7LDCLo484iRAb0Ufji9n775R2mS7UjLKwJ++ dg2TcqN7BNICTRRpnCXvqyWFMUTiI19I45v/T68ymgVF8YwGEAcnA3FyH8tCbz+Y 79dKz764sMSKJubeRfL1EFdBm7a8ugi4v9c+jEUgqGvc4ERBB6hVuUWDsRpyNgEK /j/HdA4BOlp95GxjfYnckZKYvcqg0+A7XBsQsAVu0cH10sHsIRAwjwMCkk5uM2G6 i4ciEDTV1svMpO0JsY7FS4HRvheEqg/Ws3c2Gd7ssvMuAwqS0p0K9qn9E6Bcj0xP KrwSF4tsqY1dQPS1h5GCTT4H8+M76DTBHVfwhy2L2yWdScn1I3s= =S0ir -----END PGP SIGNATURE-----
Current thread:
- pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Qualys Security Advisory (Jan 25)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Sam James (Jan 25)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Roman Medina-Heigl Hernandez (Jan 26)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Henri Salo (Jan 26)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Erik Auerswald (Jan 26)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Chris Boot (Jan 27)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Roman Medina-Heigl Hernandez (Jan 26)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Sam James (Jan 25)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Dominik Czarnota (Jan 26)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Kai Lüke (Jan 27)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Bastian Blank (Jan 27)