Skip to main content
Solved

CVE-2021-4034 PKEXEC exploit

  • January 31, 2022
  • 1 reply
  • 529 views

Forum|alt.badge.img+3

Hi All ,

Currently there is a warning about pkexec described in https://isc.sans.edu/diary/rss/28272.
I was able to validate PKEXEC tool existence as SUID binary on hyperscale nodes . 

This seems to be OS level application and not used by commvault software .

I believe a simple chmod of this executable is enough to prevent the exploit of being used (chmod 0755 /usr/bin/pkexec)

Is there any action item on Commvault to remediate this or this needs to be addressed by customer by applying OS patches ?

 

Best answer by Aplynx

Development is reviewing this issue and will be addressing it, in the meantime you can use this workaround:

Vulnerability Name: CVE-2021-4034 - PwnKit
Vulnerability Description: A vulnerability in Polkit's pkexec component identified as CVE-2021-4034 (PwnKit) is present in the default configuration of all major Linux distributions and can be exploited to gain full root privileges on the system.

A temporary mitigation for operating systems that have yet to push a patch is to use the following command to strip pkexec of the setuid bit:

chmod 0755 /usr/bin/pkexec

View original
Did this answer your question?
If you have a question or comment, please create a topic

1 reply

Aplynx
Vaulter
Forum|alt.badge.img+13
  • Vaulter
  • 291 replies
  • Answer
  • January 31, 2022

Development is reviewing this issue and will be addressing it, in the meantime you can use this workaround:

Vulnerability Name: CVE-2021-4034 - PwnKit
Vulnerability Description: A vulnerability in Polkit's pkexec component identified as CVE-2021-4034 (PwnKit) is present in the default configuration of all major Linux distributions and can be exploited to gain full root privileges on the system.

A temporary mitigation for operating systems that have yet to push a patch is to use the following command to strip pkexec of the setuid bit:

chmod 0755 /usr/bin/pkexec


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings