Friday, January 28, 2022

Ubuntu: (Multiple Advisories) (CVE-2021-4034): PolicyKit vulnerability

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.From USN-5252-2:USN-5252-1 fixed a vulnerability in policykit-1. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.Original advisory details:It was discovered that the PolicyKit pkexec tool incorrectly handled command-line arguments. A local attacker could use this issue to escalate privileges to an administrator.
  • ubuntu-upgrade-available
  • ubuntu-upgrade-desktop
  • ubuntu-upgrade-infra
  • ubuntu-upgrade-policykit-1

  • References
  • USN-5252-1
  • USN-5252-2
  • CVE-2021-4034


    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore