Pkexec Exploit Gives Attackers Root on Major Linux Distros

  • Thread starter: jim mcnamara
  • Tags: Linux
SUMMARY

The pkexec vulnerability, identified as CVE-2021-4034, allows attackers to gain root access on major Linux distributions, including Ubuntu. Patches are currently being developed by both the Linux kernel and pkexec maintainers, as referenced in the kernel mailing list and the polkit GitLab commit. Michael Kerrisk, who raised concerns about this issue back in 2008, has highlighted the urgency of addressing this exploit now that it has been demonstrated in practical scenarios. Users can temporarily mitigate the risk by removing the setuid bit from the pkexec executable.

PREREQUISITES
  • Understanding of Linux security models
  • Familiarity with setuid permissions
  • Knowledge of CVE identification and tracking
  • Experience with patch management in Linux environments
NEXT STEPS
  • Research the details of CVE-2021-4034 and its implications
  • Learn how to manage setuid permissions in Linux
  • Explore the patching process for Linux kernel vulnerabilities
  • Investigate the security features of polkit and its role in Linux systems
USEFUL FOR

System administrators, Linux security professionals, and developers managing Linux environments will benefit from this discussion, particularly those focused on vulnerability management and system hardening.

PeterDonis said:
It looks like both the Linux kernel and the pkexec maintainers have patches in the works:

https://lore.kernel.org/lkml/20220126043947.10058-1-ariadne@dereferenced.org/T/

It looks like a proud "I told you so" moment for Michael Kerrisk:
https://lore.kernel.org/lkml/20220126043947.10058-1-ariadne@dereferenced.org/T/ said:
Interestingly, Michael Kerrisk opened an issue about this in 2008,
but there was no consensus to support fixing this issue then.
Hopefully now that CVE-2021-4034 shows practical exploitative use
of this bug in a shellcode, we can reconsider.
 
My Linux boxes are offline for a while - but WSL Ubuntu shows the problem. That does not bode well for a fix... in the next month.
 
jim mcnamara said:
WSL Ubuntu shows the problem.
You can "fix" it at least for the time being by removing the setuid bit from the pkexec executable.
 
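The temporary mitigation mentioned in the thread, removing the setuid bit from the pkexec executable, as an added example that is not part of any post: a POSIX shell helper that checks the bit, clears it on request, and re-checks the result. The default path `/usr/bin/pkexec` and the function names are assumptions; with the bit cleared, pkexec can no longer elevate privileges for legitimate callers either.

```shell
#!/bin/sh
# Added example: audit a pkexec binary for the setuid bit and optionally clear it.
# The default path below is an assumption; pass the real one if your distro differs.

# Prints "setuid", "not-setuid" or "missing" for the given path.
pkexec_state() {
    target=$1
    if [ ! -e "$target" ]; then
        echo "missing"
    elif [ -u "$target" ]; then      # -u: file exists and has the setuid bit
        echo "setuid"
    else
        echo "not-setuid"
    fi
}

# Clears the setuid bit if it is set, then re-checks and prints the resulting
# state. Returns non-zero if the bit is still set afterwards (e.g. not root).
pkexec_strip_setuid() {
    target=$1
    case $(pkexec_state "$target") in
        missing)    echo "missing";    return 0 ;;
        not-setuid) echo "not-setuid"; return 0 ;;
    esac
    chmod u-s "$target" || echo "chmod failed (are you root?)" >&2
    state=$(pkexec_state "$target")
    echo "$state"
    [ "$state" = "not-setuid" ]
}

# Usage: sh pkexec_setuid.sh [check|strip] [path]
# With no arguments this is a read-only check of the assumed default path.
action=${1:-check}
target_path=${2:-/usr/bin/pkexec}
case $action in
    check) pkexec_state "$target_path" ;;
    strip) pkexec_strip_setuid "$target_path" ;;
    *)     echo "usage: $0 [check|strip] [path]" >&2 ;;
esac
```

Re-run the check after package updates, since reinstalling the package can put the original file mode back.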