A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HCanonical Ubuntu
OSCanonical14.0416.0418.0420.0421.10Oracle HTTP Server
APPOracle12.2.1.3.012.2.1.4.0Oracle Zfs Storage Appliance Kit
APPOracle8.8Polkit Project Polkit
APPPolkit Project< 121Red Hat Enterprise Linux
OSRedhat8.0Red Hat Enterprise Linux Desktop
OSRedhat7.0Red Hat Enterprise Linux Eus
OSRedhat8.2Red Hat Enterprise Linux For IBM Z Systems
OSRedhat7.08.0Red Hat Enterprise Linux For IBM Z Systems Eus
OSRedhat8.28.4Red Hat Enterprise Linux For Power Big Endian
OSRedhat7.0Red Hat Enterprise Linux For Power Little Endian
OSRedhat7.08.0Red Hat Enterprise Linux For Power Little Endian Eus
OSRedhat8.18.28.4Red Hat Enterprise Linux For Scientific Computing
OSRedhat7.0Red Hat Enterprise Linux Server
OSRedhat6.07.0Red Hat Enterprise Linux Server Aus
OSRedhat7.37.47.67.78.28.4Red Hat Enterprise Linux Server Eus
OSRedhat8.4Red Hat Enterprise Linux Server Tus
OSRedhat7.67.78.28.4Red Hat Enterprise Linux Server Update Services For Sap Solutions
APPRedhat7.67.78.18.28.4Red Hat Enterprise Linux Workstation
OSRedhat7.0Siemens Scalance Lpe9403
HWSiemenswszystkie wersjeSiemens Scalance Lpe9403 Firmware
OSSiemens< 2.0Siemens Sinumerik Edge
APPSiemens< 3.3.0Starwindsoftware Command Center
APPStarwindsoftware1.0Starwindsoftware Starwind Virtual San
APPStarwindsoftwarev8SUSE Enterprise Storage
APPSuse7.0SUSE Linux Enterprise Desktop
OSSuse15SUSE Linux Enterprise High Performance Computing
APPSuse15.0SUSE Linux Enterprise Server
OSSuse15SUSE Linux Enterprise Workstation Extension
OSSuse12SUSE Manager Proxy
APPSuse4.1
CISA KEV — szczegółyi
- Dostawcai
- Red Hat ↗
- Produkti
- Polkit
- Data dodania do KEVi
- 27 czerwca 2022
- Termin remediation (USA)i
- 18 lipca 2022(po terminie)
Zastosuj aktualizacje zgodnie z instrukcjami producenta.
▸ Pokaż oryginał (EN)
Apply updates per vendor instructions.
Narzędzie Red Hat polkit pkexec zawiera lukę typu out-of-bounds read and write, która umożliwia eskalację uprawnień do poziomu administratora.
▸ Pokaż oryginał (EN)
The Red Hat polkit pkexec utility contains an out-of-bounds read and write vulnerability that allows for privilege escalation with administrative rights.
Powiązane podatności
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debia...
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process Clea...
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote att...