How-To Fix the PolicyKit & Dirty Pipe Vulnerabilities
"It was discovered that the PolicyKit pkexec tool incorrectly handled command-line arguments. A local attacker could use this issue to escalate privileges to an administrator. policykit-1 could be made to run programs as an administrator." -- Ubuntu Security
PolicyKit is a toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes.
CyberArk Labs created a tool called PwnKit-Hunter that will check your Linux system to see if you are vulnerable to PwnKit.
How to run “PwnKit-Hunter”
Open your Terminal and enter the following: (Look at the image above.)
git clone https://github.com/cyberark/PwnKit-Hunter.git
cd PwnKit-Hunter
./CVE-2021-4034_Finder.py
How to run “PwnKit-Hunter”
Open your Terminal and enter the following: (Look at the image above.)
git clone https://github.com/cyberark/PwnKit-Hunter.git
cd PwnKit-Hunter
./CVE-2021-4034_Finder.py
You may have to locate the file CVE-2021-4034_Finder.py and right-click it and select the Permissions tab and place a check next to "Allow executing file as program" before you run the the third step or command. The file was located in my path "/home/tommy/PwnKit-Hunter." You'll replace my name with the name of the account you are logged in with on your system.
As you can see in the image below, my polkit package is not vulnerable.
If your system is vulnerable then go to one of the following links below and download and install the appropriate update for your system:
Dirty Pipe Privilege Escalation Vulnerability in Linux
There's a vulnerability in Linux kernel versions 5.8 and later known as “Dirty Pipe.” A local attacker could exploit this vulnerability to take control of an affected system. Users are recommended to upgrade their kernel to 5.10.102 or newer.
Mar. 11, 2022