Linux Polkit Vulnerability

What is the new Linux Polkit vulnerability?

A major Linux memory corruption vulnerability has been discovered by Qualys. It is extremely dangerous because of the ease with which it can be exploited.

The vulnerability allows Linux users with standard access to execute any command with root (administrative) privileges. It applies to any Linux machine using the default configuration for Polkit and the pkexec command.

Although this vulnerability was only discovered in late 2021 and disclosed publicly yesterday, Polkit has been vulnerable since May 2009.

Pete Lannon, Assure Technical’s Cyber Security & Information Governance Manager, provides a technical explanation. “The vulnerability was discovered in Polkit’s pkexec. Polkit (previously referred to as PolicyKit) is a systemd SUID-root program. It’s been installed by default on nearly every Linux distribution for the last 12 years.”

How to fix the Linux Polkit vulnerability

Qualys has strongly recommended that patches for Polkit be applied as a priority. You can find these on the Polkit author’s GitLab.

Many major Linux distributions are pushing a patch for this today. You will be able to apply these through a standard system update. 

If your organisation is unable to apply a patch immediately, a temporary mitigation is to remove the SUID bit from pkexec using the following command:

chmod 0755 /usr/bin/pkexec
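
Mode 0755 leaves pkexec readable and executable but drops the set-user-ID bit, so the binary no longer runs as root. The script below is an added example, not code from Qualys or the Polkit project: it finds pkexec binaries that still carry the bit, applies the same chmod, and confirms the result. Its function names and the default search root of /usr are assumptions.

```shell
#!/bin/sh
# Added example: audit and verify the temporary pkexec mitigation.
# Function names are illustrative, not part of Polkit or any distribution tooling.

# Print "absent", "setuid" or "no-setuid" for the file given as $1.
suid_state() {
    if [ ! -e "$1" ]; then
        echo absent
    elif [ -u "$1" ]; then        # -u is true when the set-user-ID bit is set
        echo setuid
    else
        echo no-setuid
    fi
}

# List every file named pkexec under directory $1 that still carries setuid.
# Catches copies outside /usr/bin (assumption: local builds, other prefixes).
find_suid_pkexec() {
    find "$1" -type f -name pkexec -perm -4000 2>/dev/null
}

# Apply the page's mitigation to $1, then confirm the bit is really gone.
# Returns 0 if the file ends up without setuid, non-zero otherwise.
mitigate() {
    [ "$(suid_state "$1")" = setuid ] || return 0   # absent or already clear
    chmod 0755 "$1" || return 1                     # typically needs root
    [ "$(suid_state "$1")" = no-setuid ]
}

# Usage: sh pkexec_audit.sh audit|mitigate [root-dir]   (default root-dir: /usr)
case "${1:-}" in
    audit)
        find_suid_pkexec "${2:-/usr}"
        ;;
    mitigate)
        find_suid_pkexec "${2:-/usr}" | while IFS= read -r f; do
            mitigate "$f" && echo "setuid cleared: $f"
        done
        ;;
esac
```

While the bit is cleared pkexec cannot elevate privileges, so anything that depends on it will fail until the patched package is installed.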

Assure Technical make security simple

If you have any questions or concerns about the Linux vulnerability, or any other aspect of your security, please do not hesitate to get in touch.

Assure Technical keep security simple. Our objective is to provide technical security expertise with a personal touch – no cut corners, no jargon, no waffle, just straight-talking security solutions.
