Linux Polkit权限提升漏洞(CVE-2021-3560) CVE-2021-3560

7.2 AV AC AU C I A
发布: 2022-02-16
修订: 2024-11-21

# Privilege escalation with polkit: How to get root on Linux with a seven- year-old bug ![Image of Kevin Backhouse](https://images.seebug.org/1623742696154-w331s) Kevin Backhouse ](https://github.blog/author/kevinbackhouse/) [polkit](https://gitlab.freedesktop.org/polkit/polkit/) is a system service installed by default on many Linux distributions. It's used by [systemd](https://systemd.io/), so any Linux distribution that uses systemd also uses polkit. As a member of [GitHub Security Lab](https://securitylab.github.com/), my job is to help improve the security of open source software by finding and reporting vulnerabilities. A few weeks ago, I found a privilege escalation vulnerability in polkit. I coordinated the disclosure of the vulnerability with the polkit maintainers and with [Red Hat's security team.](https://access.redhat.com/security/overview/) It was publicly disclosed, the fix was released on June 3, 2021, and it was assigned...

0%
当前有10条漏洞利用/PoC
当前有8条受影响产品信息