UKFast Documentation

Polkit Security Vulnerability CVE-2021-4034¶

Reference       Severity (CVSS v3)   Date
CVE-2021-4034   7.8                  25/01/22

Last Updated: 31/01/22 10:15 AM

Tip

Patched packages for Ubuntu and CentOS 7/8 are now available via the UKFast Public Mirrors.

Overview¶

On Tuesday 25th January 2022, a local privilege escalation (CVE-2021-4034, also known as PwnKit) was disclosed in polkit, a component shipped by all major Linux distributions. polkit controls how unprivileged processes request actions from privileged ones. The flaw is in pkexec, polkit's setuid-root helper for running a command as another user: when pkexec is invoked with an empty argument list it reads and writes past the end of argv, which lets a local unprivileged user inject an environment variable that pkexec would normally have stripped and, from there, execute arbitrary code as root. No special privileges or configuration are needed beyond a local shell on a system where pkexec is installed setuid root, which is the default.

  • Red Hat

  • Ubuntu

  • AlmaLinux

UKFast’s Response¶

Now that patches are available, UKFast encourages all clients to upgrade polkit to the patched version, applying the manual mitigation described below where an upgrade isn't yet an option. For our part, UKFast is working through all of our systems to be sure they are protected.

Our support teams are not only updating the products and services managed by UKFast, but are also looking into the wider scope of affected applications, with a view to informing clients of the best mitigation methods for the systems they manage themselves.

Identification¶

Vulnerable Versions¶

Warning

For CentOS 6.x, Ubuntu 14.04 and Ubuntu 16.04, an Extended Security Maintenance contract with the vendor is required to obtain the patch for CVE-2021-4034.

OS             Notes
CentOS 6.x     Vulnerable to CVE-2021-4034 (patch requires an extended maintenance contract)
CentOS 7.x     Vulnerable to CVE-2021-4034
CentOS 8.x     Vulnerable to CVE-2021-4034
Ubuntu 14.04   Vulnerable to CVE-2021-4034 (patch requires ESM)
Ubuntu 16.04   Vulnerable to CVE-2021-4034 (patch requires ESM)
Ubuntu 18.04   Vulnerable to CVE-2021-4034
Ubuntu 20.04   Vulnerable to CVE-2021-4034
Ubuntu 21.10   Vulnerable to CVE-2021-4034
AlmaLinux      Vulnerable to CVE-2021-4034

Patched Versions¶

Note

A reboot is required to apply this patch due to the number of services that rely on this component.

OS             Patched version
CentOS 7.x     polkit-0.112-26.el7_9.1.x86_64
Ubuntu 14.04   policykit-1_0.105-4ubuntu3.14.04.6+esm1
Ubuntu 16.04   policykit-1_0.105-14.1ubuntu0.5+esm1
Ubuntu 18.04   policykit-1_0.105-20ubuntu0.18.04.6
Ubuntu 20.04   policykit-1_0.105-26ubuntu1.24
Ubuntu 21.10   policykit-1_0.105-31ubuntu0.1
AlmaLinux      polkit-0.115-13.el8_5.1.x86_64.rpm

Manual Mitigation¶

Where a patched polkit package cannot be installed yet, Red Hat have documented an interim mitigation, linked below. It removes the setuid bit from pkexec, so the flaw can no longer be used to gain root; the trade-off is that pkexec stops working for legitimate privileged use until the patched package is installed, which restores the bit.

  • Red Hat
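The following script is an added example for the Identification and Manual Mitigation sections above; it is not UKFast tooling and not the script Red Hat publishes. It prints the installed polkit build so it can be compared against the patched-version table, checks whether pkexec still carries the setuid bit and is owned by root (the precondition CVE-2021-4034 needs), and can apply the interim mitigation of dropping that bit. It assumes the distribution defaults: pkexec at /usr/bin/pkexec, the package named polkit on rpm systems and policykit-1 on dpkg systems.

```shell
#!/bin/sh
# Added example for CVE-2021-4034 (not UKFast's or Red Hat's own code).
# Assumptions: pkexec lives at /usr/bin/pkexec; the package is "polkit" on
# rpm-based systems (CentOS/AlmaLinux) and "policykit-1" on dpkg-based (Ubuntu).

PKEXEC_DEFAULT=/usr/bin/pkexec

# Print the installed polkit build in the same form as the patched-version
# table, so the two can be compared by eye or in a ticket.
installed_polkit_version() {
    if command -v rpm >/dev/null 2>&1; then
        rpm -q --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n' polkit
    elif command -v dpkg-query >/dev/null 2>&1; then
        dpkg-query -W -f '${Package} ${Version}\n' policykit-1
    else
        echo "neither rpm nor dpkg-query found; cannot determine polkit version" >&2
        return 1
    fi
}

# Return 0 when FILE has the setuid bit set (POSIX test -u).
file_has_setuid() {
    [ -u "$1" ]
}

# Numeric owner of FILE; GNU stat first, BSD stat as a fallback.
file_owner_uid() {
    stat -c '%u' "$1" 2>/dev/null || stat -f '%u' "$1"
}

# Return 0 when FILE exists, is setuid and is owned by root, i.e. the
# configuration PwnKit needs. A missing file is reported as not exposed.
pkexec_exposed() {
    file="${1:-$PKEXEC_DEFAULT}"
    [ -f "$file" ] || return 1
    file_has_setuid "$file" || return 1
    [ "$(file_owner_uid "$file")" = "0" ]
}

# Interim mitigation described by Red Hat: remove the setuid bit. pkexec can
# then no longer gain root, so the bug is not exploitable, but pkexec also
# stops working for legitimate use until the patched package is installed
# (the package update puts the bit back).
mitigate_pkexec() {
    file="${1:-$PKEXEC_DEFAULT}"
    chmod 0755 "$file"
}

# Human-readable audit: exit 0 if not exposed, 2 if pkexec is still setuid root.
audit_pkexec() {
    file="${1:-$PKEXEC_DEFAULT}"
    installed_polkit_version 2>/dev/null || true
    if pkexec_exposed "$file"; then
        echo "$file is setuid root: install the patched polkit, or drop the bit until you can"
        return 2
    fi
    echo "$file is not setuid root: CVE-2021-4034 is not exploitable on this host"
    return 0
}

case "${1:-}" in
    audit)    audit_pkexec "${2:-}" ;;
    mitigate) mitigate_pkexec "${2:-}" ;;
esac
```

Run `sh pkexec-check.sh audit` on each host; the version line it prints is what to compare with the patched-version table, and a non-zero exit means pkexec is still setuid root. `sudo sh pkexec-check.sh mitigate` applies the interim mitigation; the `audit` subcommand run again afterwards should then report the host as not exploitable. Installing the patched package remains the real fix, since the mitigation breaks pkexec for its intended use.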
