If you do not live in a cave and you are up to date with technological information, it is more than possible that you have encountered the news of a vulnerability that affects almost any Linux distribution and had been there for more than twelve years, without anyone knowingher;A very simple vulnerability to exploit according to researchers who have discovered it, thanks to which an attacker could perpetrate a privilege escalation and gain administrator permits.
If you had not yet learned, relax, because almost all the big distros have already emitted the patch that closes the hole.With you have the updates of your system a day, you are covered.
But what is that vulnerability, you ask yourself?What component is the affected?This is PKEXEC, one of the polycykit tools used to execute applications with administrator privileges.Pollykit, now Polkit, is the standard component responsible for managing processes with privileges in Linux systems.In any case, it is not a part of the Linux kernel as such, hence Linux distributions are talked about.
All information related to this discovery is in this article by Qualys, a company that has discovered and alerted the ruling.In fact, there is all the information, except a viable method to exploit the hole, because they are waiting for the main distributions to have launched their patches.
The funny thing about the case is that vulnerability is old, yes, but ... was it unblocking?No: the error was not only present in the PKEXEC code from practically its first version, that is, since the tool saw the light, but there is an independent developer that in 2013 gave the alarm, even sendingA patch that, apparently, never integrated.
http: // bit.LY/7ndvi2 Troubleshooting NTFS SYS Blue Screen of Death - How To Fix NTFS Sys Error... http: // bit.ly/cDYulW http: // bit.Ly/7ndvi2
— Shally Disoza Thu Sep 23 13:13:50 +0000 2010
The only thing that did not get the guy was a viable way to exploit the hole;Or said with other words, all software has errors, but only when these errors are a risk for security, it is when they are called vulnerabilities.The question in this specific case is whether someone discovered the problem before and shut it up.
Namely;But I will take advantage of the time to answer an issue, or perhaps a reproach, that you throw us from time to time, coinciding with news like this, which in a very Llinux we usually pass by.Well, it is not about "hiding" Linux's problems, much less: it is that all software is likely to suffer this kind of inconveniences and it is very boring information to cover, especially when there is no risk, but thatIt serves only to write flashy headlines that only confuse.
And for sample, a button: this one that concerns us, because as with 99% of these vulnerabilities, this cannot be exploited remotely, but it is necessary to have physical access to the equipment.If you add the news from the hand of the patch, there is why we only pick up this news from time to time.
Image: Pixabay