Dear Valued Customer,
A local privilege escalation vulnerability has been found in polkit's pkexec utility. pkexec is a setuid-root program that allows an unprivileged user to run a command as a privileged user according to predefined policies. Affected versions of pkexec do not correctly handle the number of command-line arguments they are called with: when invoked with an empty argument list, pkexec reads past the end of the argument array and treats an environment variable as the command to execute. An attacker can exploit this by crafting environment variables so that pkexec executes arbitrary code. A successful attack gives an unprivileged local user administrative (root) rights on the target machine.
For more information, please refer to the link below.
Affected Versions:
- All APPM versions
- All ORISS versions
Steps to Patch the Vulnerability:
1. Retrieve the patch from the following link:
https://drive.google.com/file/d/12Eu-3TIpWZoosecP35NBqI6QZr1TIOIF/view?usp=sharing
2. Copy the downloaded file to each server. Log in as the appm user, su to root, and run:
#rpm -Uvh polkit-0.112-26.el7_9.1.x86_64.rpm
3. Verify that the package has been updated to polkit-0.112-26.el7_9.1.x86_64:
#rpm -qa | grep polkit
4. Ensure the polkit version installed is "polkit-0.112-26.el7_9.1.x86_64". If the output still lists a different polkit build, the update did not apply and the server remains vulnerable.
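The following verification script is an added example and is not part of the Secureki advisory or its patch. It automates steps 3 and 4 by parsing the output of `rpm -qa | grep polkit`, distinguishing the base polkit package from sub-packages such as polkit-pkla-compat, and returning a non-zero status when the expected patched build is not the one installed. The sample `rpm -qa` outputs embedded in it are constructed for illustration; the live check against the real server is opt-in via the (assumed, script-local) POLKIT_CHECK_LIVE variable.

```shell
#!/bin/sh
# Added verification script (not part of the Secureki advisory): checks
# `rpm -qa | grep polkit` output for the patched polkit package and fails
# if an older polkit build is still installed. Sample outputs below are
# constructed for illustration.

EXPECTED_POLKIT="polkit-0.112-26.el7_9.1.x86_64"

# Print the NVRA of the base polkit package found in rpm -qa output (one
# package per line). Sub-packages such as polkit-pkla-compat or polkit-devel
# continue with a letter after "polkit-", so they are skipped.
installed_polkit_package() {
    printf '%s\n' "$1" | awk '/^polkit-[0-9]/ { print; exit }'
}

# Exit status: 0 = expected patched build installed, 1 = a different polkit
# build is installed, 2 = no base polkit package found at all.
polkit_is_patched() {
    installed=$(installed_polkit_package "$1")
    if [ -z "$installed" ]; then
        return 2
    fi
    [ "$installed" = "$EXPECTED_POLKIT" ]
}

# Human-readable verdict for the same input. The status is taken inside an
# if-condition so the function does not abort under `set -e`.
polkit_status_message() {
    if polkit_is_patched "$1"; then rc=0; else rc=$?; fi
    case $rc in
        0) printf 'OK: %s is installed\n' "$EXPECTED_POLKIT" ;;
        1) printf 'NOT PATCHED: installed %s, expected %s\n' \
               "$(installed_polkit_package "$1")" "$EXPECTED_POLKIT" ;;
        *) printf 'NOT PATCHED: no polkit package found\n' ;;
    esac
}

# Constructed sample outputs, in the form `rpm -qa | grep polkit` prints them.
SAMPLE_PATCHED="polkit-pkla-compat-0.1-4.el7.x86_64
polkit-0.112-26.el7_9.1.x86_64"
SAMPLE_OLD="polkit-0.112-26.el7.x86_64
polkit-pkla-compat-0.1-4.el7.x86_64"
SAMPLE_NONE="polkit-pkla-compat-0.1-4.el7.x86_64"

polkit_status_message "$SAMPLE_PATCHED"
polkit_status_message "$SAMPLE_OLD"
polkit_status_message "$SAMPLE_NONE"

# Live check on the APPM/ORISS server itself; opt-in (assumed variable name)
# because `rpm` is not present on every host this script may be run on.
if [ "${POLKIT_CHECK_LIVE:-0}" = "1" ]; then
    live_output=$(rpm -qa | grep polkit)
    polkit_status_message "$live_output"
    if polkit_is_patched "$live_output"; then exit 0; else exit 1; fi
fi
```

On the server, run it as `POLKIT_CHECK_LIVE=1 sh check_polkit.sh` after step 2; a non-zero exit means step 4's condition is not met. Since the package is distributed through a file-sharing link rather than a signed repository, it is also worth running `rpm -K polkit-0.112-26.el7_9.1.x86_64.rpm` on the downloaded file before step 2 to confirm its digest and signature are intact.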
Sincerely,
The Secureki Team.