so.cl

Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others' company. Arthur Schopenhauer


→ in reply to CVE-2021-4034 - Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec

Today is polkit-patching day. Keep in mind that this vulnerability is not remotely exploitable; an attacker needs a local user on the machine. This vulnerability has been hiding in plain sight for 12+ years and affects all versions of pkexec since its first version in May 2009 (commit c8c3d83, “Add a pkexec(1) command”).

Easy fix if you don’t have patches for your OS yet: remove the SUID bit from the binary.

# chmod 0755 /usr/bin/pkexec
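
To check whether a host still needs the workaround and confirm it took effect, here is a small script, added as an example and not part of the original post. The function names and the `apply` argument are assumptions made for this sketch; the default path is the one used above.

```shell
#!/bin/sh
# Added example: audit and apply the SUID-removal workaround for pkexec.
# Function names and the "apply" argument are hypothetical, chosen for this sketch.

# Print "missing", "suid" or "no-suid" for the given file.
suid_state() {
    if [ ! -e "$1" ]; then
        echo missing
    elif [ -u "$1" ]; then      # -u: file exists and has the set-user-ID bit
        echo suid
    else
        echo no-suid
    fi
}

# Strip the SUID bit the same way the post does (chmod 0755), then verify.
# Returns 0 if the file ends up without SUID (or is absent), 1 otherwise.
mitigate_pkexec() {
    target=${1:-/usr/bin/pkexec}
    case $(suid_state "$target") in
        missing) echo "$target: not present, nothing to do"; return 0 ;;
        no-suid) echo "$target: SUID bit already cleared"; return 0 ;;
    esac
    chmod 0755 "$target" || {
        echo "$target: chmod failed (run as root)" >&2
        return 1
    }
    # Re-check instead of trusting the chmod exit status alone.
    [ "$(suid_state "$target")" = no-suid ] || return 1
    echo "$target: SUID bit removed"
}

# Read-only report by default; change the file only when asked to.
if [ "${1:-}" = apply ]; then
    mitigate_pkexec /usr/bin/pkexec
else
    echo "/usr/bin/pkexec: $(suid_state /usr/bin/pkexec)"
fi
```

While the bit is cleared, pkexec stops working for unprivileged users, so treat this as a stopgap until the patched package is installed.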