Ravie Lakshmanan's recent article CISA warns of active exploitation of 'PwnKit' Linux vulnerability in the wild articulates the vulnerability in Polkit (CVE-2021-4034) and recommends “to mitigate any potential risk of exposure to cyberattacks… that organizations prioritize timely remediation of the issues," while "federal civilian executive branch agencies, however, are required to mandatorily patch the flaws by July 18, 2022.”
You might be asking: What is this vulnerability, and what has Red Hat done to address this concern for customers?
What is the PwnKit vulnerability?
The vulnerability was discovered by Qualys in January 2022 and given the identifier CVE-2021-4034. Polkit, formerly known as PolicyKit, is a toolkit for controlling systemwide privileges in Unix-like operating systems, including all Linux distributions. The toolkit provides a mechanism for non-privileged processes to communicate with privileged processes. This allows an authorized user to execute commands as another user using appropriate local-privilege elevation in Polkit’s pkexec utility. The flaw's exploitation would grant an unprivileged attacker administrative rights on the target machine, compromising the host.
The vulnerability is known as PwnKit. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added this vulnerability to its Known Exploited Vulnerability Catalog on June 27, 2022, with a resolution date of July 18, 2022. The CVSS v3 score for this vulnerability is 7.8, earning a high severity rating.
How Red Hat responded to CVE-2021-4034
Red Hat Product Security issued errata for CVE-2021-4034 in January 2022 and February 2022. All the affected platforms and packages supported by Red Hat were fixed as of February 7, 2022, well in advance of the July 18, 2022, deadline set by CISA. In addition, Product Security quickly issued a mitigation procedure for customers who could not update their software immediately.
How Red Hat monitors exploited vulnerabilities in the wild
Red Hat’s Product Security team actively tracks active exploits reported by CISA against components shipped in the Red Hat portfolio. When CISA reports an exploit in the wild, Red Hat’s Product Security team checks the current status of our portfolio regarding the impact of the exploitable vulnerability. All vulnerabilities are fixed in accordance with our life-cycle policies. If the vulnerability has not yet been fixed according to the policy (for example, if the vulnerability was not rated Critical or Important), Product Security will fast-track a fix.
Product’s Security awareness and visibility into reported exploits allow us to be proactive in the ever-changing threat landscape to fix vulnerabilities that truly matter. This allows Red Hat to continue to be a trusted vendor and partner to our customers.
References
Learn more
À propos de l'auteur
Leonardo Firicano joined Red Hat in 2021 as a Business Analyst for Product Security. Leo brings his experience and skills to Product Security, having held previous roles as a technical business analyst, a project analyst, and a data analyst within the finance industry. Leo holds a bachelor’s degree in Finance and Information Systems from Suffolk University and an MBA from Northeastern University.
Contenu similaire
Parcourir par canal
Automatisation
Les dernières actualités en matière de plateforme d'automatisation qui couvre la technologie, les équipes et les environnements
Intelligence artificielle
Actualité sur les plateformes qui permettent aux clients d'exécuter des charges de travail d'IA sur tout type d'environnement
Services cloud
En savoir plus sur notre gamme de services cloud gérés
Sécurité
Les dernières actualités sur la façon dont nous réduisons les risques dans tous les environnements et technologies
Edge computing
Actualité sur les plateformes qui simplifient les opérations en périphérie
Infrastructure
Les dernières nouveautés sur la plateforme Linux d'entreprise leader au monde
Applications
À l’intérieur de nos solutions aux défis d’application les plus difficiles
Programmes originaux
Histoires passionnantes de créateurs et de leaders de technologies d'entreprise
Produits
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Services cloud
- Voir tous les produits
Outils
- Formation et certification
- Mon compte
- Ressources développeurs
- Assistance client
- Calculateur de valeur Red Hat
- Red Hat Ecosystem Catalog
- Rechercher un partenaire
Essayer, acheter et vendre
Communication
- Contacter le service commercial
- Contactez notre service clientèle
- Contacter le service de formation
- Réseaux sociaux
À propos de Red Hat
Premier éditeur mondial de solutions Open Source pour les entreprises, nous fournissons des technologies Linux, cloud, de conteneurs et Kubernetes. Nous proposons des solutions stables qui aident les entreprises à jongler avec les divers environnements et plateformes, du cœur du datacenter à la périphérie du réseau.
Sélectionner une langue
Red Hat legal and privacy links
- À propos de Red Hat
- Carrières
- Événements
- Bureaux
- Contacter Red Hat
- Lire le blog Red Hat
- Diversité, équité et inclusion
- Cool Stuff Store
- Red Hat Summit