Seven-year-old make-me-root bug in Linux service polkit patched
A seven-year-old privilege escalation vulnerability that's been lurking in several Linux distributions was patched last week in a coordinated disclosure.
In a blog post on Thursday, GitHub security researcher Kevin Backhouse recounted how he found the bug in a service called polkit associated with systemd, a common Linux system and service manager component.
Introduced in commit bfa5036 seven years ago and initially shipped in polkit version 0.113, the bug traveled different paths in different Linux distributions.
Formerly known as PolicyKit, polkit is a service that evaluates whether specific Linux activities require higher privileges than those currently available.
"The vulnerability is triggered by starting a dbus-send command but killing it while polkit is still in the middle of processing the request," explained Backhouse.
"In fact, polkit mishandles the error in a particularly unfortunate way: rather than rejecting the request, it treats the request as though it came from a process with UID 0," explains Backhouse.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/06/11/linux_polkit_package_patched/