Twelve-Year-Old Linux Vulnerability Discovered and Patched
It’s a privilege escalation vulnerability:
Linux users on Tuesday got a major dose of bad news—a 12-year-old vulnerability in a system tool called Polkit gives attackers unfettered root privileges on machines running most major distributions of the open source operating system.
Previously called PolicyKit, Polkit manages system-wide privileges in Unix-like OSes. It provides a mechanism for nonprivileged processes to safely interact with privileged processes. It also allows users to execute commands with high privileges by using a component called pkexec, followed by the command.
It was discovered in October, and disclosed last week—after most Linux distributions issued patches. Of course, there’s lots of Linux out there that never gets patched, so expect this to be exploited in the wild for a long time.
Of course, this vulnerability doesn’t give attackers access to the system. They have to get that some other way. But if they get access, this vulnerability gives them root privileges.
Denton Scratch • January 31, 2022 7:27 AM
Isn’t polkit only really needed if you have multiple desktop users?
It’s hard to remove, because of tangles of dependencies, but but I think only GNOME requires it. Oh – systemd probably wants it.
Most Linux systems are either servers (i.e. no desktop users), or personal laptops (i.e. only one desktop user). Places where it might be useful include hot-desking situations; but people don’t generally share their laptop, so they don’t need polkit.
I don’t have any of this *kit stuff on my systems; everything works, including XFCE.
[Edit] I have a 10-year-old Panasonic “smart” TV. I have no idea what that is running. I also have a Sky box. But neither of them provides any way to get a commandline, as far as I can see, and this exploit depends on a commmandline.