Joined: 12 May 2004
|Posted: Thu Jan 27, 2022 6:26 am Post subject: [ GLSA 202201-01 ] Polkit
|Gentoo Linux Security Advisory
Title: Polkit: Local privilege escalation (GLSA 202201-01)
A vulnerability in polkit could lead to local root privilege escalation.
polkit is a toolkit for managing policies related to unprivileged processes communicating with privileged process.
Vulnerable: < 0.120-r2
Unaffected: >= 0.120-r2
Architectures: All supported architectures
Flawed input validation of arguments was discovered in the 'pkexec' program's main() function.
A local attacker could achieve root privilege escalation.
Run the following command as root:
# chmod 0755 /usr/bin/pkexec
Upgrade Polkit to a patched version.
|# emerge --sync
# emerge --ask --verbose ">=sys-auth/polkit-0.120-r2"
Last edited by GLSA on Tue Feb 01, 2022 4:17 am; edited 1 time in total