Download
| Alert*
oval:org.secpod.oval:def:2500528
The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. oval:org.secpod.oval:def:77529 policykit-1: framework for managing administrative policies and privileges, policykit-1 could be made to run programs as an administrator. oval:org.secpod.oval:def:4501122 The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Security Fix: * polkit: Local privilege escalation in pkexec due to incorrect handling of argument vec ... oval:org.secpod.oval:def:1700807 A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count c ... oval:org.secpod.oval:def:77530 The polkit package is designed to define and handle policies that allow unprivileged processes to communicate with privileged processes on a Linux system. Pkexec, part of polkit, is a tool that allows the user to execute commands as another user according to the polkit policy definitions using the s ... oval:org.secpod.oval:def:605760 The Qualys Research Labs discovered a local privilege escalation in PolicyKit"s pkexec. Details can be found in the Qualys advisory at https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt oval:org.secpod.oval:def:1505419 [0.96-11.0.1.el6_10.1] - pkexec: local privilege escalation [Orabug: 33789506][CVE-2021-4034] oval:org.secpod.oval:def:506664 The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Security Fix: * polkit: Local privilege escalation in pkexec due to incorrect handling of argument vec ... oval:org.secpod.oval:def:1505381 [0.115-13.0.1] - Increase timeout to avoid defunct processes [Orabug: 26930744] [0.115-13.el8_5.1] - pkexec: argv overflow results in local privilege esc. - Resolves: CVE-2021-4034 oval:org.secpod.oval:def:706292 policykit-1: framework for managing administrative policies and privileges policykit-1 could be made to run programs as an administrator. oval:org.secpod.oval:def:1505380 [0.112-26.0.1] - Increase timeout to avoid defunct processes [Orabug: 26930744] [0.112-26.1] - pkexec: argv overflow results in local privilege esc. - Resolves: CVE-2021-4034 oval:org.secpod.oval:def:121477 polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. oval:org.secpod.oval:def:77711 The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Security Fix: polkit: Local privilege escalation in pkexec due to incorrect handling of argument vecto ... oval:org.secpod.oval:def:2107180 Oracle Solaris 11 - ( CVE-2021-4034 ) oval:org.secpod.oval:def:205934 The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Security Fix: * polkit: Local privilege escalation in pkexec due to incorrect handling of argument vec ... oval:org.secpod.oval:def:121475 polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. oval:org.secpod.oval:def:89411 policykit-1: framework for managing administrative policies and privileges, policykit-1 could be made to run programs as an administrator. oval:org.secpod.oval:def:97598 [CLSA-2022:1643211942] Fixed CVE-2021-4034 in polkit oval:org.secpod.oval:def:19500126 A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count c ... oval:org.secpod.oval:def:506674 The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Security Fix: * polkit: Local privilege escalation in pkexec due to incorrect handling of argument vec ... oval:org.secpod.oval:def:89045921 This update for polkit fixes the following issues: - CVE-2021-4034: Fixed a local privilege escalation in pkexec . oval:org.secpod.oval:def:89047541 This update for polkit fixes the following issues: - CVE-2021-4034: Fixed a local privilege escalation in pkexec . oval:org.secpod.oval:def:78191 policykit-1: framework for managing administrative policies and privileges policykit-1 could be made to run programs as an administrator. oval:org.secpod.oval:def:78156 The Qualys Research Labs discovered a local privilege escalation in PolicyKit"s pkexec. Details can be found in the Qualys advisory at https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt oval:org.secpod.oval:def:89045946 This update for polkit fixes the following issues: - CVE-2021-4034: Fixed a local privilege escalation in pkexec . oval:org.secpod.oval:def:89045912 This update for polkit fixes the following issues: - CVE-2021-4034: Fixed a local privilege escalation in pkexec . oval:org.secpod.oval:def:506846 The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Security Fix: * polkit: Local privilege escalation in pkexec due to incorrect handling of argument vec ... oval:org.secpod.oval:def:1505935 [5.4.17-2136.310.7.el7] - net_sched: cls_route: remove from list when handle is 0 [Orabug: 34480880] {CVE-2022-2588} - x86/spec_ctrl: limit IBRS_FW to retpoline only [Orabug: 34450896] - x86/bugs: display dynamic retbleed state [Orabug: 34450896] - x86/bugs: remove incorrect __init/__ro_after_ini ... oval:org.secpod.oval:def:1505937 [5.4.17-2136.310.7.el8] - net_sched: cls_route: remove from list when handle is 0 [Orabug: 34480880] {CVE-2022-2588} - x86/spec_ctrl: limit IBRS_FW to retpoline only [Orabug: 34450896] - x86/bugs: display dynamic retbleed state [Orabug: 34450896] - x86/bugs: remove incorrect __init/__ro_after_ini ... oval:org.secpod.oval:def:1507165 [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same ... |