Red Hat 계정으로 회원 프로필, 기본 설정 및 고객 상태에 따라 다음의 서비스에 액세스할 수 있습니다.
아직 등록하지 않으셨습니까? 등록해야 하는 이유:
- 한 곳에서 기술 자료 문서를 탐색하고, 지원 사례와 서브스크립션을 관리하고, 업데이트를 다운로드 할 수 있습니다.
- 조직 내의 사용자를 보고, 계정 정보, 기본 설정 및 권한을 편집할 수 있습니다.
- Red Hat 자격증을 관리하고 시험 내역을 조회하며 자격증 관련 로고 및 문서를 다운로드할 수 있습니다.
Red Hat 계정으로 회원 프로필, 기본 설정 및 자신의 고객 상태에 따른 기타 서비스에 액세스할 수 있습니다.
보안을 위해, 공용 컴퓨터 사용 중에 Red Hat 서비스 이용이 끝난 경우 로그아웃하는 것을 잊지 마십시오.로그아웃
Ravie Lakshmanan's recent article CISA warns of active exploitation of 'PwnKit' Linux vulnerability in the wild articulates the vulnerability in Polkit (CVE-2021-4034) and recommends "to mitigate any potential risk of exposure to cyberattacks… that organizations prioritize timely remediation of the issues," while "federal civilian executive branch agencies, however, are required to mandatorily patch the flaws by July 18, 2022."
You might be asking: What is this vulnerability, and what has Red Hat done to address this concern for customers?
What is the PwnKit vulnerability?
The vulnerability was discovered by Qualys in January 2022 and given the identifier CVE-2021-4034. Polkit, formerly known as PolicyKit, is a toolkit for controlling systemwide privileges in Unix-like operating systems, including all Linux distributions. The toolkit provides a mechanism for non-privileged processes to communicate with privileged processes. This allows an authorized user to execute commands as another user using appropriate local-privilege elevation in Polkit’s pkexec utility. The flaw's exploitation would grant an unprivileged attacker administrative rights on the target machine, compromising the host.
The vulnerability is known as PwnKit. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added this vulnerability to its Known Exploited Vulnerability Catalog on June 27, 2022, with a resolution date of July 18, 2022. The CVSS v3 score for this vulnerability is 7.8, earning a high severity rating.
How Red Hat responded to CVE-2021-4034
Red Hat Product Security issued errata for CVE-2021-4034 in January 2022 and February 2022. All the affected platforms and packages supported by Red Hat were fixed as of February 7, 2022, well in advance of the July 18, 2022, deadline set by CISA. In addition, Product Security quickly issued a mitigation procedure for customers who could not update their software immediately.
How Red Hat monitors exploited vulnerabilities in the wild
Red Hat’s Product Security team actively tracks active exploits reported by CISA against components shipped in the Red Hat portfolio. When CISA reports an exploit in the wild, Red Hat’s Product Security team checks the current status of our portfolio regarding the impact of the exploitable vulnerability. All vulnerabilities are fixed in accordance with our life-cycle policies. If the vulnerability has not yet been fixed according to the policy (for example, if the vulnerability was not rated Critical or Important), Product Security will fast-track a fix.
Product’s Security awareness and visibility into reported exploits allow us to be proactive in the ever-changing threat landscape to fix vulnerabilities that truly matter. This allows Red Hat to continue to be a trusted vendor and partner to our customers.
About the author
Leonardo Firicano joined Red Hat in 2021 as a Business Analyst for Product Security. Leo brings his experience and skills to Product Security, having held previous roles as a technical business analyst, a project analyst, and a data analyst within the finance industry. Leo holds a bachelor’s degree in Finance and Information Systems from Suffolk University and an MBA from Northeastern University.