Headline

RHSA-2022:0269: Red Hat Security Advisory: polkit security update

An update for polkit is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

CVE-2021-4034: polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector

3 years ago

Red Hat Security Data

Open in Source

#vulnerability #web #linux #red_hat #nodejs #js #java #kubernetes

Skip to navigation Skip to main content

Utilities

Subscriptions
Downloads
Containers
Support Cases

Red Hat Customer Portal

Infrastructure and Management

Red Hat Enterprise Linux
Red Hat Virtualization
Red Hat Identity Management
Red Hat Directory Server
Red Hat Certificate System
Red Hat Satellite
Red Hat Subscription Management
Red Hat Update Infrastructure
Red Hat Insights
Red Hat Ansible Automation Platform

Cloud Computing

Red Hat OpenShift
Red Hat CloudForms
Red Hat OpenStack Platform
Red Hat OpenShift Container Platform
Red Hat OpenShift Data Science
Red Hat OpenShift Online
Red Hat OpenShift Dedicated
Red Hat Advanced Cluster Security for Kubernetes
Red Hat Advanced Cluster Management for Kubernetes
Red Hat Quay
Red Hat CodeReady Workspaces
Red Hat OpenShift Service on AWS

Storage

Red Hat Gluster Storage
Red Hat Hyperconverged Infrastructure
Red Hat Ceph Storage
Red Hat OpenShift Data Foundation

Runtimes

Red Hat Runtimes
Red Hat JBoss Enterprise Application Platform
Red Hat Data Grid
Red Hat JBoss Web Server
Red Hat Single Sign On
Red Hat support for Spring Boot
Red Hat build of Node.js
Red Hat build of Thorntail
Red Hat build of Eclipse Vert.x
Red Hat build of OpenJDK
Red Hat build of Quarkus
Red Hat CodeReady Studio

Integration and Automation

Red Hat Process Automation
Red Hat Process Automation Manager
Red Hat Decision Manager

All Products

Issued:

2022-01-25

Updated:

2022-01-25

RHSA-2022:0269 - Security Advisory

Overview
Updated Packages

Synopsis

Important: polkit security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for polkit is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.

Security Fix(es):

polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x

Fixes

BZ - 2025869 - CVE-2021-4034 polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector

References

https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2022-001

Red Hat Enterprise Linux Server - Extended Life Cycle Support 6

SRPM

polkit-0.96-11.el6_10.2.src.rpm

SHA-256: 47f6e9e77c06daf1e4b04310af9625163b92226857b8319b90c5e02099614911

x86_64

polkit-0.96-11.el6_10.2.i686.rpm

SHA-256: 72ae8f58b63e610f6debc06f78a77ad8baa32bc963c8a34064949da1d60b98ac

polkit-0.96-11.el6_10.2.x86_64.rpm

SHA-256: 84112eed43de4d7f3d532485ad6171e485b6311f1c0e4b99df44821bf573b2ef

polkit-debuginfo-0.96-11.el6_10.2.i686.rpm

SHA-256: 46a0932f1be4ce6d915391892a8972f0053d5a03ff03486e3ba0d5ca262fe8b0

polkit-debuginfo-0.96-11.el6_10.2.x86_64.rpm

SHA-256: b16a8d38606dedc19a51eef02428a3685b7ca1ffcf3851ac45844387add843b5

polkit-desktop-policy-0.96-11.el6_10.2.noarch.rpm

SHA-256: b38eeaa6e66886250e840d05c1373c33639211c9b7277b5db80cd91b1356541c

polkit-devel-0.96-11.el6_10.2.i686.rpm

SHA-256: 19cc15d6ac81978f7d4b77c21f726d0a37077035a0ac3b33b1afc854a94c5902

polkit-devel-0.96-11.el6_10.2.x86_64.rpm

SHA-256: d612b1617808a9e4e340e0ecc55f94a4ac8cd44a25f94f7dd2bbbd97c5e3921f

polkit-docs-0.96-11.el6_10.2.x86_64.rpm

SHA-256: faf7222008f47ad624475ef1999f06a09fbf0fcf946cedb8a7949da92ba730ea

i386

polkit-0.96-11.el6_10.2.i686.rpm

SHA-256: 72ae8f58b63e610f6debc06f78a77ad8baa32bc963c8a34064949da1d60b98ac

polkit-debuginfo-0.96-11.el6_10.2.i686.rpm

SHA-256: 46a0932f1be4ce6d915391892a8972f0053d5a03ff03486e3ba0d5ca262fe8b0

polkit-desktop-policy-0.96-11.el6_10.2.noarch.rpm

SHA-256: b38eeaa6e66886250e840d05c1373c33639211c9b7277b5db80cd91b1356541c

polkit-devel-0.96-11.el6_10.2.i686.rpm

SHA-256: 19cc15d6ac81978f7d4b77c21f726d0a37077035a0ac3b33b1afc854a94c5902

polkit-docs-0.96-11.el6_10.2.i686.rpm

SHA-256: 466c3faa216c24313e69c3ae21ef8e0a8c93afbea9c88f1ee63e1ba8ea8e2cea

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6

SRPM

polkit-0.96-11.el6_10.2.src.rpm

SHA-256: 47f6e9e77c06daf1e4b04310af9625163b92226857b8319b90c5e02099614911

s390x

polkit-0.96-11.el6_10.2.s390.rpm

SHA-256: d17858601a9a7ee2b7f5d9a1549041bb4cfacd430694ddb9c42eb81bd6199b05

polkit-0.96-11.el6_10.2.s390x.rpm

SHA-256: 890b0b80147a9174eb1a33516a5f6ce2bc79c7e16c95421b2d2f33c3caec0c55

polkit-debuginfo-0.96-11.el6_10.2.s390.rpm

SHA-256: 040825575846aca4caeb20bce5225d73d0d1350d959876b0d4253b59dd28936d

polkit-debuginfo-0.96-11.el6_10.2.s390x.rpm

SHA-256: adc221ab210216de1ff9d3a514809c634d3b23d491ad9e6934c14e1fb6eda98d

polkit-desktop-policy-0.96-11.el6_10.2.noarch.rpm

SHA-256: b38eeaa6e66886250e840d05c1373c33639211c9b7277b5db80cd91b1356541c

polkit-devel-0.96-11.el6_10.2.s390.rpm

SHA-256: 08d8cfa08b5b06a6646d9d8f4c857437d8d965f18803b9e6caeaa9e8655f8978

polkit-devel-0.96-11.el6_10.2.s390x.rpm

SHA-256: da182a0bdecd05149b79670da617abb94d250a0135431311c1f94f18c030a64f

polkit-docs-0.96-11.el6_10.2.s390x.rpm

SHA-256: 5293fb06dcbf4c8b55c2ac804f7897716cd989e0c3effd6689578b5473748898

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

2 years ago

Red Hat Security Data

RHSA-2023:5628: Red Hat Security Advisory: kernel security and bug fix update

2 years ago

Red Hat Security Data

RHSA-2023:5622: Red Hat Security Advisory: kernel security and bug fix update

2 years ago

Red Hat Security Data

RHSA-2023:5615: Red Hat Security Advisory: libssh2 security update

2 years ago

Red Hat Security Data

RHSA-2023:5616: Red Hat Security Advisory: python-reportlab security update

2 years ago

Red Hat Security Data