ANS Documentation

Improve This Doc
  • Cloud
  • Domains and DNS management
  • Backup and High Availability
  • eCommerce Stacks
  • Security
    • DDoSX®
    • Web Application Firewall
    • Threat Monitoring and Threat Response
    • McAfee Antivirus
    • Vulnerability Scans
    • Keeping Magento secure
    • Keeping WordPress secure
    • Brute Force Attacks
    • CryptoLocker
    • Dirty COW
    • The Logjam attack
    • Meltdown and Spectre
    • Memcached security concerns and reflection/amplification DDoS attacks
    • Wana Decryptor / Wana Decrypt0r 2.0 / WannaCry
    • Log4J Vulnerability
    • Polkit Security Vulnerability CVE-2021-4034
    • CVE-2022-0847 - Dirty Pipe Vulnerability
  • Email
  • Monitoring and usage management
  • Networking
  • Operating systems
  • Webcelerator
  • MyUKFast
  • Home >
  • Security >
  • Polkit Security Vulnerability CVE-2021-4034

Polkit Security Vulnerability CVE-2021-4034¶

Reference

Severity

Date

CVE-2021-4034

7.8

25/01/22

Last Updated: 31/01/22 10:15 AM

Tip

Patched packages for Ubuntu and CentOS 7/8 are now available via the UKFast Public Mirrors.

Overview¶

On Tuesday 25th January 2022, a local privilege escalation was discovered in the polkit component in all major Linux distributions. This toolkit is responsible for organising/controlling how non-privileged processes communicate with privileged ones. A vulnerability was discovered in the pbexec command in which a specifically crafted environment variable can be leveraged to execute arbitrary code, leading to a local privilege escalation.

  • Red Hat

  • Ubuntu

  • AlmaLinux

UKFast’s Response¶

Once patches are available, UKFast is encouraging all clients to upgrade polkit to the latest version, applying the appropriate mitigations where upgrade isn’t an option. For our part, UKFast is currently working through all our systems to be absolutely sure we are protected.

Our support teams are looking at not only updating those products and services managed by UKFast, but are also looking into the wider scope of affected applications, with a view to better informing our clients the best mitigation methods with systems they manage.

Identification¶

Vulnerable Versions¶

Warning

For CentOS 6x, Ubuntu 14.04 and 16.04, an Extended Security Maintenance Contract with the vendor is required to obtain the patch for CVE-2021-4034

OS

Notes

CentOS 6x

Vulnerable to CVE-2021-4034

CentOS 7x

Vulnerable to CVE-2021-4034

CentOS 8x

Vulnerable to CVE-2021-4034

Ubuntu 14.04

Vulnerable to CVE-2021-4034

Ubuntu 16.04

Vulnerable to CVE-2021-4034

Ubuntu 18.04

Vulnerable to CVE-2021-4034

Ubuntu 20.04

Vulnerable to CVE-2021-4034

Ubuntu 21.10

Vulnerable to CVE-2021-4034

AlmaLinux

Vulnerable to CVE-2021-4034

Patched Versions¶

Note

A reboot is required to apply this patch due to the number of services that rely on this component.

OS

Patched Version

CentOS 7x

polkit-0.112-26.el7_9.1.x86_64

Ubuntu 14.04

policykit-1_0.105-4ubuntu3.14.04.6+esm1

Ubuntu 16.04

policykit-1_0.105-14.1ubuntu0.5+esm1

Ubuntu 18.04

policykit-1_0.105-20ubuntu0.18.04.6

Ubuntu 20.04

policykit-1_0.105-26ubuntu1.24

Ubuntu 21.10

policykit-1_0.105-31ubuntu0.1

Alma Linux

polkit-0.115-13.el8_5.1.x86_64.rpm

Manual Mitigation¶

In lieu of a patched version of polkit, Red Hat have detailed an alternative method of mitigation, linked below.

  • Red Hat

Next Article > CVE-2022-0847 - Dirty Pipe Vulnerability

  • Useful Links
  • SMB
  • Enterprise
  • Channel
  • Public Sector
  • ANS Data Centres
  • About ANS
  • Careers
  • Blog
  • Get in touch
  •  
  • Sales 0800 458 4545
  • Support 0800 230 0032
  • Get in touch

© ANS Group Limited | Terms and Conditions | Corporate Guidance | Sitemap
ANS Group Limited, registered in England and Wales, company registration number 03176761, registered office 1 Archway, Birley Fields, Manchester M15 5QJ