Pkexec Exploit Gives Attackers Root on Major Linux Distros

  • Thread starter: jim mcnamara
  • Tags: Linux
In summary, a bug that has been present for 12 years in Linux has been discovered, giving attackers root access to every major Linux distribution. Both the Linux kernel and pkexec maintainers have patches in the works to fix the issue. The bug was first identified in 2008 by Michael Kerrisk, but no action was taken at the time. Ubuntu has already pushed a fix for the bug, but it may take longer for other distributions to do the same. For now, users can temporarily fix the issue by removing the setuid bit from the pkexec executable.
  • #3
PeterDonis said:
It looks like both the Linux kernel and the pkexec maintainers have patches in the works:

https://lore.kernel.org/lkml/20220126043947.10058-1-ariadne@dereferenced.org/T/

It looks like a proud "I told you so" moment for Michael Kerrisk:
https://lore.kernel.org/lkml/20220126043947.10058-1-ariadne@dereferenced.org/T/ said:
Interestingly, Michael Kerrisk opened an issue about this in 2008,
but there was no consensus to support fixing this issue then.
Hopefully now that CVE-2021-4034 shows practical exploitative use
of this bug in a shellcode, we can reconsider.
 
  • #5
My Linux boxes are offline for a while - but WSL Ubuntu shows the problem. That does not bode well for a fix... in the next month.
 
  • #6
jim mcnamara said:
WSL Ubuntu shows the problem.
You can "fix" it at least for the time being by removing the setuid bit from the pkexec executable.
 

FAQ: Pkexec Exploit Gives Attackers Root on Major Linux Distros

What is the Pkexec exploit?

The Pkexec exploit is a vulnerability found in the Linux desktop environment that allows attackers to gain root access on major Linux distributions. Root access gives attackers complete control over the system and allows them to execute commands and access sensitive information.

How does the Pkexec exploit work?

The Pkexec exploit abuses a flaw in the PolicyKit component of the Linux desktop environment. This component manages system privileges and authorizes users to perform administrative tasks. The vulnerability allows attackers to bypass the authorization process and gain root access without a password.

Which Linux distributions are affected by the Pkexec exploit?

According to security researchers, the Pkexec exploit affects major Linux distributions such as Ubuntu, Fedora, Debian, and CentOS. However, other distributions may also be vulnerable if they use the PolicyKit component in their desktop environment.

How can I protect my system from the Pkexec exploit?

To protect your system from the Pkexec exploit, update your Linux distribution to the latest version that includes a fix for the vulnerability. You can also disable the PolicyKit component or limit its access to certain users to reduce the risk of exploitation.
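
The temporary fix mentioned in the thread above (removing the setuid bit from the pkexec executable), written out as an added shell example; it is not code from the thread's participants. The function names and the directories searched are assumptions, since the install path of pkexec varies by distribution.

```shell
#!/bin/sh
# Added example: audit and optionally clear the setuid bit on pkexec.
# Assumption: pkexec lives under one of the directories listed at the bottom.

# Print "setuid", "clear" or "missing" for the given path.
suid_state() {
    if [ ! -e "$1" ]; then echo missing
    elif [ -u "$1" ]; then echo setuid
    else echo clear
    fi
}

# Clear only the setuid bit; all other permission bits stay as they are.
# Returns 0 when the bit is clear afterwards.
clear_suid() {
    [ -e "$1" ] || return 1
    chmod u-s "$1" || return 1
    [ ! -u "$1" ]
}

# List every regular file named pkexec that carries the setuid bit.
find_suid_pkexec() {
    find "$@" -type f -name pkexec -perm -4000 2>/dev/null
}

# mode "check": report only. mode "apply": clear the bit, then report.
# Prints one line per binary found: "<path> <state after the run>".
mitigate_pkexec() {
    mode=$1; shift
    find_suid_pkexec "$@" | while IFS= read -r bin; do
        if [ "$mode" = apply ]; then clear_suid "$bin" || true; fi
        printf '%s %s\n' "$bin" "$(suid_state "$bin")"
    done
}

# Run as root: ./script --check   or   ./script --apply
case "${1:-}" in
    --check) mitigate_pkexec check /usr/bin /usr/local/bin /bin ;;
    --apply) mitigate_pkexec apply /usr/bin /usr/local/bin /bin ;;
esac
```

Clearing the bit also stops pkexec from performing legitimate privilege elevation, so treat it as a stopgap until the distribution's patched package is installed.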

What should I do if my system has been affected by the Pkexec exploit?

If your system has been affected by the Pkexec exploit, it is important to take immediate action to mitigate the damage. This may include removing any unauthorized changes made by the attacker, updating your system to the latest version, and scanning for any other potential malware or vulnerabilities that may have been introduced.
