cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
jbuitron
Contributor I

PWN Kit, All Linux distributions are affected - vulnerable to local privilege escalation

I found out this morning about the local vulnerability that affects virtually every Linux distribution since May of 2009. It is not vulnerable remotely (thank goodness), yet, a person with local privileges could quickly get full root privileges, if they so desired.

 

The National Security Agency (NSA) Cybersecurity Director Rob Joyce noted on Twitter that the bug, he said, "has me concerned." He said: "Easy and reliable privilege escalation preinstalled on every major Linux distribution. Patch ASAP or use the simple chmod 0755 with /usr/bin/pkexec mitigation." So what he's saying there is fix your distro. Or if for some reason you can't, then use the chmod command. That 0755 sets

the permissions to standard executable, not an SUID executable on that program. And he said, he finished his tweet: "There are working proofs of concept in the wild." (Source: Security Now Episode 856 with Steve Gibson)

 

Here is the Qualys announcement, they ‘rediscovered’ the vulnerability, as an Australian hacker named Ryan Mallon did discover it and published it on December 16th 2013.

 

https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation...

 

If you already know about it, great. If not, then there are patches available.

 

Best regards,

 

Dr. Jan Shuyler Buitron

Senior Cybersecurity Systems Engineer

Doctorate of Computer Science in Cybersecurity

Master of Science in Cybersecurity, Valedictorian

CISSP, MCSE, ITIL v3

0 Replies