FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

polkit -- Local Privilege Escalation

Affected packages
polkit < 0.120_1

Details

VuXML ID 0f8bf913-7efa-11ec-8c04-2cf05d620ecc
Discovery 2022-01-25
Entry 2022-01-26

Qualys reports:

We discovered a Local Privilege Escalation (from any user to root) in polkit's pkexec, a SUID-root program that is installed by default on every major Linux distribution.

References

CVE Name CVE-2021-4034
FreeBSD PR ports/261482
URL https://seclists.org/oss-sec/2022/q1/80