Home » knowledge » 7-year-old authentication bypass flaw affects most Linux distributions

7-year-old authentication bypass flaw affects most Linux distributions

The Polkit auth system service authentication bypass vulnerability affects most Linux distributions.

Polkit is a suite of application-level tools that define and manipulate policies that allow unprivileged processes to communicate with privileged processes. This system tool is installed by default in several Linux distributions.

Researchers discovered an authentication bypass vulnerability in the Polkit auth system service with CVE number CVE-2021-3560. When the requesting process is disconnected from dbus-daemon before calling polkit_system_bus_name_get_creds_sync, the process cannot obtain the unique uid and pid of the process, and thus cannot verify the permissions of the requesting process. The biggest threat of this vulnerability is the impact on data confidentiality and system availability.

An attacker could exploit this vulnerability to allow unprivileged local users to gain system shell privileges. The vulnerability is very easy to exploit and only requires a few standard command line tools to exploit, see the PoC video for details: https://youtu.be/QZhz64yEd0g

The vulnerability was introduced in the v 0.113 release 7 years ago and was patched on June 3rd. Every Linux system using the vulnerable polkit is affected by the vulnerability.

7-year-old authentication bypass flaw affects most Linux distributions

The Links:   G050VTN01.1 MG50Q6ES40 BEST SOURCE