[Backport release-21.11] polkit: fix local privilege escalation in pkexec #156758

Merged: jonringer merged 1 commit into release-21.11 from backport-156750-to-release-21.11, Jan 25, 2022

github-actions bot commented Jan 25, 2022

Bot-based backport to release-21.11, triggered by a label in #156750.

  • Before merging, ensure that this backport complies with the Criteria for Backporting.
    • Even as a non-committer, if you find that it does not comply, leave a comment.

> We discovered a Local Privilege Escalation (from any user to root) in
> polkit's pkexec, a SUID-root program that is installed by default on
> every major Linux distribution

https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt

Fixes: CVE-2021-4034
(cherry picked from commit 9e01b06)

jonringer left a comment

LGTM

Result of `nixpkgs-review pr 156758` run on x86_64-linux

1 package built:
  • polkit

mweinelt deleted the backport-156750-to-release-21.11 branch January 25, 2022 20:15

mweinelt added the label "1.severity: security" (Issues which raise a security issue, or PRs that fix one) Jan 25, 2022

ofborg bot added labels Jan 25, 2022:
  • "10.rebuild-darwin: 11-100" (This PR causes between 11 and 100 packages to rebuild on Darwin.)
  • "10.rebuild-linux: 501+" (This PR causes many rebuilds on Linux and should normally target the staging branches.)
  • "10.rebuild-linux: 2501-5000" (This PR causes many rebuilds on Linux and should target the staging branches.)