logo

How Red Hat handled the ‘PwnKit’ vulnerability in the wild

Posted by Marbenz Antonio on July 19, 2022

Improve your hybrid cloud security with these 3 tips

What is the PwnKit vulnerability?

Qualys detected the vulnerability in January 2022 and assigned it the identification CVE-2021-4034. Polkit, formerly known as PolicyKit, is a toolkit for managing system-wide privileges in Unix-like operating systems such as Linux. The toolkit allows non-privileged processes to communicate with privileged processes. This enables an authorized user to execute commands as another user in Polkit’s pkexec program by employing suitable local-privilege elevation. Exploiting the bug would allow an unprivileged attacker administrative privileges on the target machine, compromising the host.

PwnKit is the name of the vulnerability. On June 27, 2022, the United States Cybersecurity and Infrastructure Security Agency (CISA) added this vulnerability to its Known Exploited Vulnerability Catalog, with a resolution date of July 18, 2022. This vulnerability has a CVSS v3 score of 7.8, indicating that it is of high severity.

How did Red Hat handle CVE-2021-4034?

In January and February 2022, Red Hat Product Security released errata for CVE-2021-4034. All concerned platforms and packages supported by Red Hat were repaired as of February 7, 2022, well ahead of the CISA deadline of July 18, 2022. Also, Product Security swiftly offered a mitigation strategy for consumers who could not instantly upgrade their software.

How did Red Hat identify and used vulnerabilities in the wild?

Red Hat’s Product Security team continuously monitors active exploits identified by CISA against Red Hat-shipped components. When CISA detects an attack in the public, Red Hat’s Product Security team investigates the implications of the exploitable vulnerability on our portfolio. All errors are addressed in accordance with our life-cycle policies. Product Security will speed a fix if the vulnerability has not yet been fixed in line with the policy (for example, if the vulnerability was not rated Critical or Important).

Security awareness and insight into reported exploits enable us to be proactive in the ever-changing threat landscape, allowing us to repair vulnerabilities that genuinely matter. This enables Red Hat to remain a trusted vendor and partner to our customers.

 


Here at CourseMonster, we know how hard it may be to find the right time and funds for training. We provide effective training programs that enable you to select the training option that best meets the demands of your company.

For more information, please get in touch with one of our course advisers today or contact us at training@coursemonster.com

Verified by MonsterInsights