Launchpad.net

CVE 2021-4034

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.

Related bugs and status

CVE-2021-4034 (Candidate) is related to these bugs:

Bug #1960087: CVE-2021-4034 polkit privilege escalation

Summary				In	Importance	Status
	1960087	CVE-2021-4034 polkit privilege escalation		StarlingX	Medium	Fix Released

Bug #1972654: [security review] Sync policykit-1 121+compat0.1-5 (main) from Debian unstable

Summary				In	Importance	Status
	1972654	[security review] Sync policykit-1 121+compat0.1-5 (main) from Debian unstable		policykit-1 (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2021-4034

Related bugs and status

Related bugs

References