12-year vulnerability in pkexec gives hackers root privileges on Linux
PwnKit is included in the default configuration of all Linux distros and can be exploited to gain full root privileges on the system.
PwnKit emerged from the original pkexec commit 12 years ago. This means that all versions of Polkit are affected.
Polkit is an open-source application framework responsible for negotiating the interaction between privileged and non-privileged processes. pkexec, one of its components, allows authorized users to execute commands as another user, as an alternative to sudo.
Easy to exploit, and video tutorials showing how to exploit it (PoC) already exist
Security researchers at information security firm Qualys discovered PwnKit. They found that hackers could use pkexec to gain root privileges on default installations of Ubuntu, Debian, Fedora, and CentOS.
In addition, Qualys also warned that PwnKit can be exploited on other Linux operating systems.
The problem appeared in the first version of pkexec released in May 2009 but no one noticed. The researchers say that this PwnKit vulnerability is very easy to exploit.
Qualys has not released a proof-of-concept (PoC) exploit yet. However, just 3 hours after the technical details of the vulnerability were made public, a PoC video was shared by hackers.
Security experts say that PwnKit is very dangerous because it is both simple to exploit and present on a huge number of systems. Testing even shows that it works on ARM64 systems.
Qualys reported the vulnerability to the responsible parties on November 18, 2021 and only made the information public after a patch was available. The company recommends that administrators prioritize installing the patch that Polkit's author has just released on GitLab.
Linux distro vendors also got access to the patch a few weeks ago. It is expected that the pkexec update packages will be released from January 25, 2022.
If the update is not yet available, you can temporarily remove the setuid bit from pkexec (the command below sets its mode to 0755), which prevents the vulnerability from being used to gain root:
chmod 0755 /usr/bin/pkexec
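As an added example (not from the article or from Qualys), the following POSIX shell helpers check whether the installed pkexec still carries the setuid bit, apply the interim chmod 0755 mitigation while recording the previous mode, and revert it once the patched package is installed. The path /usr/bin/pkexec, the .mode.bak backup location and GNU coreutils stat are assumptions.

```shell
#!/bin/sh
# Added example: audit and interim mitigation for the pkexec setuid bit.
# PKEXEC_PATH is an assumption; override it if your distro installs elsewhere.
PKEXEC_PATH="${PKEXEC_PATH:-/usr/bin/pkexec}"

# Print the octal permission bits of a file (GNU coreutils stat assumed).
file_mode() {
    stat -c '%a' "$1"
}

# Return 0 when the file is setuid (the condition PwnKit depends on), 1 otherwise.
is_setuid() {
    mode=$(file_mode "$1") || return 1
    # GNU stat prints four digits when a special bit is set; a leading 4 or 6
    # means the setuid bit is present.
    case "$mode" in
        4???|6???) return 0 ;;
        *) return 1 ;;
    esac
}

# Apply the interim mitigation: save the current mode, then drop to 0755.
mitigate() {
    file=$1
    backup="${file}.mode.bak"     # assumed location for the saved mode
    file_mode "$file" > "$backup" || return 1
    chmod 0755 "$file"
}

# Revert the mitigation once the patched package is installed.
revert() {
    file=$1
    backup="${file}.mode.bak"
    [ -r "$backup" ] || return 1
    chmod "$(cat "$backup")" "$file" && rm -f "$backup"
}

# Report exposure: returns 1 while pkexec is still setuid.
audit() {
    if is_setuid "$1"; then
        echo "$1 is setuid: still exposed to PwnKit until patched"
        return 1
    fi
    echo "$1 is not setuid: interim mitigation in place (or pkexec absent)"
}

# When run directly with a path argument, audit that file (needs root to mitigate).
[ $# -gt 0 ] && audit "$1"
```

Run `audit /usr/bin/pkexec` as root to see whether the host is still exposed, and `revert` only after the distro's fixed package has been installed.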
Linux users should update their operating system as soon as possible to avoid security holes like PwnKit.