Linux Policy Kit Elevation of Privilege Vulnerability

Release Date: 27 Jan 2022 5549 Views

RISK: Medium Risk

Medium Risk

TYPE: Operating Systems - Linux

TYPE: Linux

A vulnerability was identified in Linux Policy Kit. Local attacker could exploit the vulnerability to trigger elevation of privilege on the targeted system.

 

Note:

CVE-2021-4034 is being exploited in the wild.

Impact

  • Elevation of Privilege

System / Technologies affected

For Suse:

  • SUSE MicroOS 5.0 and 5.1
  • SUSE Manager Server 4.1
  • SUSE Manager Retail Branch Server 4.1
  • SUSE Manager Proxy 4.1
  • SUSE Linux Enterprise Server for SAP 15-SP2
  • SUSE Linux Enterprise Server 15-SP2-LTSS
  • SUSE Linux Enterprise Server 15-SP2-BCL
  • SUSE Linux Enterprise Module for Basesystem 15-SP3
  • SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
  • SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
  • SUSE Enterprise Storage 7
  • SUSE Linux Enterprise Server for SAP 15 and 15-SP1
  • SUSE Linux Enterprise Server 15-SP1-LTSS
  • SUSE Linux Enterprise Server 15-SP1-BCL
  • SUSE Linux Enterprise Server 15-LTSS
  • SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
  • SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
  • SUSE Linux Enterprise High Performance Computing 15-LTSS
  • SUSE Linux Enterprise High Performance Computing 15-ESPOS
  • SUSE Enterprise Storage 6
  • SUSE CaaS Platform 4.0
  • SUSE OpenStack Cloud Crowbar 8 and 9
  • SUSE OpenStack Cloud 8 and 9
  • SUSE Linux Enterprise Workstation Extension 12-SP5
  • SUSE Linux Enterprise Software Development Kit 12-SP5
  • SUSE Linux Enterprise Server for SAP 12-SP3 and 12-SP4
  • SUSE Linux Enterprise Server 12-SP5
  • SUSE Linux Enterprise Server 12-SP4-LTSS
  • SUSE Linux Enterprise Server 12-SP3-LTSS
  • SUSE Linux Enterprise Server 12-SP3-BCL
  • SUSE Linux Enterprise Server 12-SP2-BCL
  • HPE Helion Openstack 8

 

For Ubuntu

  • Ubuntu 21.10
  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 ESM
  • Ubuntu 14.04 ESM

 

For RedHat

  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux Server - AUS 7.3 x86_64
  • Red Hat Enterprise Linux Server - AUS 7.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 7.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 7.7 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
  • Red Hat Enterprise Linux Server - TUS 7.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 7.7 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64
  • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64
  • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
  • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
  • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64
  • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le
  • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le
  • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

For Suse:

 

For Ubuntu:

 

For RedHat:

Vulnerability Identifier

Source

Related Link

Related Tags

LinuxSUSEUbuntuRed HatElevation of PrivilegeExploit In The Wild

Share with

Previous

F5 BIG-IP Multiple Vulnerabilities

25 Jan 2022 3932 Views

Next

Linux Kernel Multiple Vulnerabilities

27 Jan 2022 4098 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY