A new vulnerability that affects many Linux systems has been revealed: Pwnkit. This attack uses a vulnerability in polkitd to allow any user to escalate his privileges to root. There are patches for major Linux systems: see the LowEndTalk thread. Thanks to @FoxelVox for posting this on LET.
It’s important to note that the vulnerability can only be used by users logged into the system. You can’t launch this attack on just any Linux box you ping on the network.
I tested on my Debian 11 systems. I find that none of my remote VMs are running polkitd, which is a user privilege management tool (previously called PolicyKit), however all of my home systems are. On my VMs, without polkitd running, the attack compiles but doesn’t work. However, it works just fine where polkitd is running.
Patch your systems ASAP!
Related Posts:
I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.
I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308
- Enjoy VisualWebTechnologies’ 65% Off Spring Sale! - April 20, 2024
- NSD Tutorial Updated for 2024: Now With Zone Transfers! - April 19, 2024
- cPanel VPS Licenses for Only $4.00/Month!Dedicated for Only $4.50/Month!But There’s One Important Detail… - April 18, 2024
Dear Dreadlord. Is this still a problem if I (to my knowledge) only have one user (root) i.e. me?! Web requests come in from the www-data user, though. Thank you. Jon.C.
No they must have a shell…unless they can trick your php app into executing something on the server…