From $URL: "The vulnerability can be reliably used by an unprivileged local attacker to bypass authorization and escalate permissions up to the root user." There is a polkit issue URL, https://gitlab.freedesktop.org/polkit/polkit/-/issues/140, but that 404's. polkit-0.119 was released an hour ago w/a fix.
Thank you!
(In reply to Sam James from comment #1) > Thank you! Welcome! I beat you for once, 9 times out of 10 when I check on a new vuln you've already created a bug for it ;)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=24b2771a8a9c131fbe598b9725f3e9e61247f131 commit 24b2771a8a9c131fbe598b9725f3e9e61247f131 Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2021-06-03 17:56:58 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2021-06-03 17:57:39 +0000 sys-auth/polkit: Security bump to version 0.119 Bug: https://bugs.gentoo.org/794052 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> sys-auth/polkit/Manifest | 1 + sys-auth/polkit/polkit-0.119.ebuild | 131 ++++++++++++++++++++++++++++++++++++ 2 files changed, 132 insertions(+)
No, this isn't fixed yet.
amd64 done
x86 done
ppc64 stable
Unable to check for sanity: > no match for package: sys-auth/polkit-0.119
Unable to check for sanity: > no match for package: sys-auth/polkit-0.119-r1
arm done
arm64 done all arches done
Please cleanup.
GLSA request filed.
This issue was resolved and addressed in GLSA 202107-31 at https://security.gentoo.org/glsa/202107-31 by GLSA coordinator John Helmert III (ajak).
Reopening for cleanup
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=77e50819c7c7c22dee5ee6b2e7538b3cfff789af commit 77e50819c7c7c22dee5ee6b2e7538b3cfff789af Author: Sam James <sam@gentoo.org> AuthorDate: 2022-01-26 00:50:34 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-01-26 00:51:00 +0000 sys-auth/polkit: backport CVE-2021-3560, CVE-2021-4043 patches to 0.117 Needed for non-Rust arches like sparc. (Most users are on 0.120 and already fixed in previous commits.) Bug: https://bugs.gentoo.org/794052 Bug: https://bugs.gentoo.org/832057 Signed-off-by: Sam James <sam@gentoo.org> .../polkit/files/polkit-0.117-CVE-2021-3560.patch | 29 +++++ sys-auth/polkit/polkit-0.117-r3.ebuild | 136 +++++++++++++++++++++ 2 files changed, 165 insertions(+)
Unable to check for sanity: > no match for package: sys-auth/polkit-0.119-r2
Err... cleanup done in c0502be50e13cb62efd5c5fbb3e2cac255490e15.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=76caeda5c0ae4a7045d321f32ef95e31722434dd commit 76caeda5c0ae4a7045d321f32ef95e31722434dd Author: Sam James <sam@gentoo.org> AuthorDate: 2022-05-15 05:17:19 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-05-15 22:09:39 +0000 sys-auth/polkit: drop 0.117-r3, 0.120-r3 Bug: https://bugs.gentoo.org/794052 Bug: https://bugs.gentoo.org/833574 Signed-off-by: Sam James <sam@gentoo.org> sys-auth/polkit/Manifest | 2 - sys-auth/polkit/files/polkit-0.115-elogind.patch | 28 --- .../polkit/files/polkit-0.117-CVE-2021-3560.patch | 29 --- ...lkit-0.118-make-netgroup-support-optional.patch | 248 --------------------- .../polkit/files/polkit-0.120-CVE-2021-4034.patch | 72 ------ .../polkit/files/polkit-0.120-CVE-2021-4115.patch | 78 ------- sys-auth/polkit/metadata.xml | 1 - sys-auth/polkit/polkit-0.117-r3.ebuild | 136 ----------- sys-auth/polkit/polkit-0.120-r3.ebuild | 123 ---------- 9 files changed, 717 deletions(-)
