Skip to Content.
Sympa Menu

perfsonar-user - [perfsonar-user] CVE-2021-4034

Subject: perfSONAR User Q&A and Other Discussion

List archive

[perfsonar-user] CVE-2021-4034


Chronological Thread 
    < Chronological >      < Thread >
  • From: Brian Tehan <>
  • To: "" <>
  • Subject: [perfsonar-user] CVE-2021-4034
  • Date: Wed, 26 Jan 2022 21:36:15 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Lvdy3AyGVmQVHESjwE1Z7OHnEz2snrAlKuXF9JC4U/M=; b=PNCabCDXXR3LMRAyhq+vPcx7DE7x16iK4rrq7RgdV+/ftyWBduvfv+xhL2kw6+BN7rWDFohxFNB19NQAUZTWL28M+UsT/+E/I8W7WNJ6+dSh0QvrXSOtBCREOAE6UHHucBDc4VKXsq55R7FV4d7+6n1ZthLJNZqN+dEY6kdh5Js90BmXDd+8k5ir5+5RDOvAwp2QknJU8i2ZihIsRK2lykIeMN7Q5ChJLX7N6ERwNXbQikUFhkk5fbXgZIvklJu9E6mq4YFgIqpyx7A1BNQUHTZmAEmeYnafrP8LQbd22lIF5iBFE0P+7+AUiKc0Nb73n1nX1MJ4/hWnTJzhYy73Kw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZZVPFEiv19r9/4OcGMzXEeVwqJnl8tuB2cO5wFbJV0d33I2Kp5LwSUch7wM0AoXvwnHUw9thReGNBpeP/s97ReotP+Gr+CDggRjBIfQqRMOYTnnowsx9PvMSkSmCapT5QMwL4H1MU03F/s2rTwhP5Tok6nkfyxgEDwkX2nseuOQaAF2oXjMa/6iUGC7C9p3vfMuQXStDxLhq10oj6DkQh4XJ+2fGkecsl8Lapb34g9mZLhB6BpnE7jpsn6dWZPN8750cgts2DSTt6ZiDsZ70CP2KLNfSgIIgRlO2c86PdZoeAOhkaaBid4AHw9OnQvCnIDlwT93yr0dx56ZDtdCcUQ==

https://arstechnica.com/information-technology/2022/01/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro/

https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt

 

$ systemctl list-unit-files | grep polkit

polkit.service                                 static 

 

 

 

Perfsonar Team,

 

I ran across the above article and found the service installed on our perfSONAR Toolkit machines.  Are toolkit installations vulnerable to this attack?  If so, should we implement the mitigation that Qualys suggests (# chmod 0755 /usr/bin/pkexec)?

 

Thanks.

 

 

Brian Tehan

Regional Network Engineer

University of Nebraska System

EAB009F 6001 Dodge St

Omaha, NE 68182-0051

Office: (402) 554-6428

university of nebraska logo lockup with campuses

 

 


Archive powered by MHonArc 2.6.24.

Top of Page