Vulnerability CVE-2021-4034

Vulnerability CVE-2021-4034

Published: 2022-01-28

Description:

	Topic	Author	Date
High	Polkit pkexec Local Privilege Escalation	Qualys Security ...	26.01.2022
High	PolicyKit-1 0.105-31 Privilege Escalation	Lance Biggerstaf...	27.01.2022

Type:

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.2/10	10/10	3.9/10

Affected software
Redhat -> Enterprise linux workstation
Redhat -> Enterprise linux server update services for sap solutions
Redhat -> Enterprise linux
Redhat -> Enterprise linux desktop
Redhat -> Enterprise linux eus
Redhat -> Enterprise linux for ibm z systems
Redhat -> Enterprise linux for ibm z systems eus
Redhat -> Enterprise linux for power big endian
Redhat -> Enterprise linux for power little endian
Redhat -> Enterprise linux for power little endian eus
Redhat -> Enterprise linux for scientific computing
Redhat -> Enterprise linux server
Redhat -> Enterprise linux server aus
Redhat -> Enterprise linux server eus
Redhat -> Enterprise linux server tus
Polkit project -> Polkit
Canonical -> Ubuntu linux

https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt

https://access.redhat.com/security/vulnerabilities/RHSB-2022-001

https://bugzilla.redhat.com/show_bug.cgi?id=2025869

https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683