Skip to Content.
Sympa Menu

perfsonar-user - Re: [perfsonar-user] CVE-2021-4034

Subject: perfSONAR User Q&A and Other Discussion

List archive

Re: [perfsonar-user] CVE-2021-4034


Chronological Thread 
    < Chronological >      < Thread >
  • From: Mark Feit <>
  • To: Brian Tehan <>, "" <>
  • Subject: Re: [perfsonar-user] CVE-2021-4034
  • Date: Thu, 27 Jan 2022 14:31:54 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=C/JOENw/KHthURPxJ8Pxffdx0c4F1L742ky4SR8ut0Y=; b=WKD5ZAolRCwB/RSoW/kgSxOyTuPVOnKD00JcMvX/nzEFVVddGggniK53NaoSTiBF9WlFpgYrE/OU6Y3kuaX2MSG6nrSQdUx4lRevSVkLwoH64GsqWCvBz0ISrJZaboavcDUKiQ5TLXls1w+MH036efIIttX+kP6YW/YopHmsFMikA1LH9eQNUJS3TCugzNzUbsNs9icJD/j3tKrolYvRP5bUQYZWG3AYORSqb5Rgk0z8wXAf0EjENgWZC6wabVKmMlObqek2zM1PLgeE63u9AfxitO69hs+Ttz6wcBoBvUyIyRrAKwikrjM4PFsbyQckDzPINm5t4BYv/mHs+CWTDQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Mw/VMgzD7/2HvMJJzilWcbwRU4xkhZW/xskEWe/FRAINE5wJE8MFyibNMwI64toXZ7DEDfkraQCBYZaqVLd2ngtpc584rsvsZhUmVdzQuRDTNw+QcvqTOfB/5LYGmDeqs9AuAoSHRCk4DV58ZzpEDjDCZ/FXpJBx/tsEwLKz10O9PDyaOLKcrcV+TGzX12ifGFHRY2lLm1Zm5Roths9fkE3Fs0rm40e/FnTkiZqHKhVqaonDl+6f1G2Kj6M7C6D4u3j78RT9lg5k/i05QqUWtSZ4Llu8D3ECux78ulDZdmuzvxYW8juYRl7eoeSuJQIImWGBn+GPuzgfwIQKHqkLkw==

Brian Tehan writes:

 

https://arstechnica.com/information-technology/2022/01/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro/

https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt

 

$ systemctl list-unit-files | grep polkit

polkit.service                                 static 

  

I ran across the above article and found the service installed on our perfSONAR Toolkit machines.  Are toolkit installations vulnerable to this attack?  If so, should we implement the mitigation that Qualys suggests (# chmod 0755 /usr/bin/pkexec)?

 

Red Hat updated its polkit package to address this and it has filtered into CentOS, so the next update will get it patched.  If your system has polkit-0.112-26.el7_9.1.x86_64, you’re covered (the old package was polkit-0.112-26.el7.x86_64).

 

--Mark

 


Archive powered by MHonArc 2.6.24.

Top of Page