Re: pkexec vs kernel -- root to anyone who asks nicely

[Pavel Machek <pavel@denx.de>]

[-- Attachment #1: Type: text/plain, Size: 1090 bytes --]

Hi!

> > There's a security problem in pkexec vs. kernel interaction. Impact is
> > local root. If you want to get root on someone else's system, it
> > should be easy right now. It is fixed in 5.18, 5.10.120, and latest
> > 4.9 and 4.19 kernels.
> > 
> > Do you have untrusted users on your system and you need pkexec?
> > 
> 
> Is that https://nvd.nist.gov/vuln/detail/cve-2021-4034, and does that
> relate to "This vulnerability has been modified and is currently
> undergoing reanalysis."? Or is it something else?

Yes, it is same thing... see dcd46d897adb70d63e025f175a00a89797d31a43
and https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt .

Pkexec is gnome-related, so should not be too usual on embedded
systems, and you should not really have untrusted users on your
embedded system, either.

But if someone has them and is using pkexec, we may need to do extra
updates.

Best regards,
								Pavel
-- 
DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]