The Qualys research team has discovered a vulnerability in polkit's pkexec, a program that is installed by default on all major Linux distributions. This vulnerability allows any non-privileged user to gain full root privileges on a host locally with its default settings.
Polkit, formerly known as PolicyKit, is a component for controlling privileges on Unix operating systems.
In short, it provides us with an organized way for unprivileged processes to communicate with privileged processes.
Exploitation of this vulnerability allows any user without privileges to gain root privileges. Qualys researchers have carried out checks on different distributions with the default installation and this has been the result:
Vulnerable distributions:
Other Linux distributions are probably vulnerable.
This vulnerability has been around for over twelve years and affects all versions of pkexec since it was first published in 2009.
Currently, the best solution is to update all Linux distributions that provide a backport [1] of the fix (requires a reboot).
As a temporary mitigation measure, you can also run the following command:
chmod 0755 /usr/bin/pkexec
At SW Hosting we have a high priority regarding the security of all our services. That is why both in the deployment of Clouds and Hostings this vulnerability is not present.
More information:
- backport[1]: is the action of carrying out a modification to an old version of software with contributions or patches originating from later versions.