* pkexec vs kernel -- root to anyone who asks nicely
@ 2022-06-06 17:57 Pavel Machek
2022-06-07 7:20 ` Jan Kiszka
0 siblings, 1 reply; 3+ messages in thread
From: Pavel Machek @ 2022-06-06 17:57 UTC (permalink / raw)
To: cip-dev
[-- Attachment #1: Type: text/plain, Size: 483 bytes --]
Hi!
There's a security problem in pkexec vs. kernel interaction. Impact is
local root. If you want to get root on someone else's system, it
should be easy right now. It is fixed in 5.18, 5.10.120, and latest
4.9 and 4.19 kernels.
Do you have untrusted users on your system and you need pkexec?
Best regards,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: pkexec vs kernel -- root to anyone who asks nicely
2022-06-06 17:57 pkexec vs kernel -- root to anyone who asks nicely Pavel Machek
@ 2022-06-07 7:20 ` Jan Kiszka
2022-06-07 8:20 ` Pavel Machek
0 siblings, 1 reply; 3+ messages in thread
From: Jan Kiszka @ 2022-06-07 7:20 UTC (permalink / raw)
To: Pavel Machek, cip-dev
On 06.06.22 19:57, Pavel Machek wrote:
> Hi!
>
> There's a security problem in pkexec vs. kernel interaction. Impact is
> local root. If you want to get root on someone else's system, it
> should be easy right now. It is fixed in 5.18, 5.10.120, and latest
> 4.9 and 4.19 kernels.
>
> Do you have untrusted users on your system and you need pkexec?
>
Is that https://nvd.nist.gov/vuln/detail/cve-2021-4034, and does that
relate to "This vulnerability has been modified and is currently
undergoing reanalysis."? Or is it something else?
Jan
--
Siemens AG, Technology
Competence Center Embedded Linux
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: pkexec vs kernel -- root to anyone who asks nicely
2022-06-07 7:20 ` Jan Kiszka
@ 2022-06-07 8:20 ` Pavel Machek
0 siblings, 0 replies; 3+ messages in thread
From: Pavel Machek @ 2022-06-07 8:20 UTC (permalink / raw)
To: Jan Kiszka; +Cc: Pavel Machek, cip-dev
[-- Attachment #1: Type: text/plain, Size: 1090 bytes --]
Hi!
> > There's a security problem in pkexec vs. kernel interaction. Impact is
> > local root. If you want to get root on someone else's system, it
> > should be easy right now. It is fixed in 5.18, 5.10.120, and latest
> > 4.9 and 4.19 kernels.
> >
> > Do you have untrusted users on your system and you need pkexec?
> >
>
> Is that https://nvd.nist.gov/vuln/detail/cve-2021-4034, and does that
> relate to "This vulnerability has been modified and is currently
> undergoing reanalysis."? Or is it something else?
Yes, it is same thing... see dcd46d897adb70d63e025f175a00a89797d31a43
and https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt .
Pkexec is gnome-related, so should not be too usual on embedded
systems, and you should not really have untrusted users on your
embedded system, either.
But if someone has them and is using pkexec, we may need to do extra
updates.
Best regards,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-06-07 8:20 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-06-06 17:57 pkexec vs kernel -- root to anyone who asks nicely Pavel Machek
2022-06-07 7:20 ` Jan Kiszka
2022-06-07 8:20 ` Pavel Machek
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.