A seven-year-old make-me-root problem in the Linux kernel has been fixed

Electromagnetic Lock Market Size and Growth 2021-2027

In a blog post on Thursday, GitHub security researcher Kevin Backhouse recounted how he found the bug (CVE-2021-3560) in a service called polkit associated with systemd, a common Linux system and service manager component.

A seven-year-old privilege escalation vulnerability that’s been lurking in several Linux distributions was patched last week in a coordinated disclosure.

Introduced in commit bfa5036 seven years ago and initially shipped in polkit version 0.113, the bug traveled different paths in different Linux distributions. For example, it missed Debian 10 but it made it to the unstable version of Debian, upon which other distros like Ubuntu are based.

Formerly known as PolicyKit, polkit is a service that evaluates whether specific Linux activities require higher privileges than those currently available. It comes into play if, for example, you try to create a new user account.

Backhouse says the flaw is surprisingly easy to exploit, requiring only a few commands using standard terminal tools like bash, kill, and dbus-send.

“The vulnerability is triggered by starting a dbus-send command but killing it while polkit is still in the middle of processing the request,” explained Backhouse.

Killing dbus-send – an interprocess communication command – in the midst of an authentication request causes an error that arises from polkit asking for the UID of a connection that no longer exists (because the connection was killed).

The News Highlights

  • A seven-year-old make-me-root problem in the Linux kernel has been fixed
  • Check the latest update on Security news
  • .

Disclaimer: If you need to edit or update this news from compsmag then kindly contact us Learn more

For Latest News Follow us on Google News


Latest Headlines
  • Show all
  • Trending News
  • Popular By week
Henderson Winery Says Its Customers Saved The Deal

Henderson Winery Says Its Customers Saved The Deal

“We get our fruit from Gilcrease. We’ve been doing that now for a couple of years. Our cider is very very good,” says Patty. GILCREASE FRUIT Their ...
Inside the $ 7 billion merger of Sequoia Financial and Wealthstone Advisors

Pioneering AINU Community-Driven Crypto Network

The views, suggestions, and opinions expressed here are the sole responsibility of the experts. Do your own research before making a financial decision related ...
With iOS 15, Apple makes it simple for game creators to add on-screen controls to their games

Top Early Apple Watch Savings Identified by Deal Stripe for Prime Day Apple Watch Series 6, SE, 5, 4, 3 Deals 2021

Best Apple Watch deals: BOSTON–(BUSINESS WIRE)–Here’s a list of the top early Apple Watch SE, Series 6, 5, 4 & 3 deals for Prime Day, featuring offers ...
THE ADMINISTRATOR OF THE HEALTH DEPARTMENT EXPLAINS THE COVID-19 “ADVANCED CASES” |  News

THE ADMINISTRATOR OF THE HEALTH DEPARTMENT EXPLAINS THE COVID-19 “ADVANCED CASES” | News

For more information, call (660) 886-3434. Brewer says the health department is holding open clinics every Thursday for anyone who is interested in getting ...
Tronsmart announced big discounts for its 8th anniversary

Tronsmart announced big discounts for its 8th anniversary

As of today, Tronsmart has announced huge discounts on the occasion of its 8th anniversary, as well as a raffle with exciting gifts for the lucky ones. On ...
Health Calendar – June 15 |  Health

Health Calendar – June 15 | Health

— 5 to 7 p.m. June 25, Municipal Building parking lot, 615 E. Main St., Thurmont — noon to 6 p.m. daily, Rockledge Plaza, 1100 W. Patrick St., Unit H (above ...
Faceoff bewteen Apple MacBook Pro & Microsoft Surface Laptop 4

BGR reviews the AirPods Pro, MacBook Air, and more

Amazon Prime Day is on the way, and it’s set to boast incredible deals on a huge range of products. But while there will definitely be great deals on Amazon ...
BillionToOne Names Nipun Soni, CFA, CPA as First CFO

BillionToOne Names Nipun Soni, CFA, CPA as First CFO

Related Imagesimage1.jpg Inquiries:For any media inquiries, contact SOURCE BillionToOne Inc. “I am very excited to join BillionToOne and be part of this ...
The Dunkirk Foundry Agreement provides a window into GFG's complex financing web

Your COVID-19 vaccine will have the greatest impact outside the US

Meanwhile, the U.S. has become a mixed bag of highly vaccinated and highly unvaccinated populations. For those hesitant of newer platforms like the messenger ...
At the Xbox Games Showcase, A Plague Tale: Requiem was announced

At the Xbox Games Showcase, A Plague Tale: Requiem was announced

06/14 A PLAGUE TALE : Requiem revealed at the Microsoft Xbox Games Showcase during E3 2021 PU 06/14 A PLAGUE TALE : Requiem revealed at Xbox Games Showcase ...
Show next
Compsmag - Latest News from tech, business and health
Logo