Ancient Linux bugs provide root access to unprivileged users

Ancient Linux bugs provide root access to unprivileged users

Security researchers have discovered some 7-year-old vulnerabilities Linux distributionCan be used by unprivileged local users to bypass authentication and gain root access.

The bug patched last week exists in Polkit System Service, a toolkit used to assess whether a particular Linux activity requires higher privileges than currently available. Polkit is installed by default on some Linux distributions, allowing unprivileged processes to communicate with privileged processes.

Linux distributions that use systemd also use Polkit because the Polkit service is associated with systemd.

This vulnerability has been tracked as CVE-2021-3560 and has a CVSS score of 7.8. It was discovered by Kevin Backhouse, a security researcher on GitHub. He states that this issue occurred in 2013 with code commit bfa5036.

Initially shipped with Polkit version 0.113, it has moved to various Linux distributions over the last seven years.

“If the requesting process disconnects from dbus-daemon just before the call to polkit_system_bus_name_get_creds_sync begins, the process will not be able to get the unique uid and pid of the process and will not be able to verify the privileges of the requesting process.” And Red Hat Advisory..

“The biggest threats from this vulnerability are data confidentiality and integrity, and system availability.”

so Blog postAccording to Backhouse, exploiting this vulnerability is very easy and requires few commands using standard terminal tools such as bash, kill and dbus-send.

This flaw affects Polkit versions between 0.113 and 0.118. Red Hat’s Cedric Buissart said it will also affect Debian-based distributions based on Polkit 0.105.

Among the popular Linux distributions affected are Debian “Bullseye”, Fedora 21 (or later), Ubuntu 20.04, RHEL 8.

Polkit v.0.119, released on 3rdrd We will address this issue in June. We recommend that you update your Linux installation as soon as possible to prevent threat attackers from exploiting the bug.

CVE-2021-3560 is the latest in a series of years ago vulnerabilities affecting Linux distributions.

In 2017, Positive Technologies researcher Alexander Popov discovered a flaw in the Linux kernel introduced in the code in 2009. Tracked as CVE-2017-2636, this flaw was finally patched in 2017.

Another old Linux security flaw indexed as CVE-2016-5195 was introduced in 2007 and patched in 2016. This bug, also known as the “dirty COW” zero-day, was used in many attacks before the patch was applied.

Ancient Linux bugs provide root access to unprivileged users

Source link Ancient Linux bugs provide root access to unprivileged users

Related Articles

Back to top button