Security News

Unprivileged attackers can get a root shell by exploiting an authentication bypass vulnerability in the polkit auth system service installed by default on many modern Linux distributions. The polkit local privilege escalation bug was publicly disclosed, and a fix was released on June 3, 2021.

A seven-year-old privilege escalation vulnerability that's been lurking in several Linux distributions was patched last week in a coordinated disclosure. In a blog post on Thursday, GitHub security researcher Kevin Backhouse recounted how he found the bug in a service called polkit associated with systemd, a common Linux system and service manager component.

A seven-year-old privilege escalation vulnerability discovered in the polkit system service could be exploited by a malicious unprivileged local attacker to bypass authorization and escalate permissions to the root user. Tracked as CVE-2021-3560, the flaw affects polkit versions between 0.113 and 0.118 and was discovered by GitHub security researcher Kevin Backhouse, who said the issue was introduced in a code commit made on Nov. 9, 2013.

USENIX, the not-for-profit advanced computing association, has decided to put an end to its beloved LISA sysadmin conferences, at least as a standalone event. In an online announcement, the LISA steering committee said that after 35 years of producing the "Best systems engineering content" the event "Will no longer be scheduled as a standalone conference."

Cisco has fixed critical SD-WAN vManage and HyperFlex HX software security flaws that could enable remote attackers to execute commands as root or create rogue admin accounts. Cisco SD-WAN vManage Software vulnerabilities patched today by Cisco could enable unauthenticated, remote attackers to execute arbitrary code or access sensitive information.

Cisco has released security updates to address a critical pre-authentication remote code execution vulnerability affecting SD-WAN vManage Software's remote management component. The company fixed two other high-severity security vulnerabilities in the user management and system file transfer functions of the same product allowing attackers to escalate privileges.

Elastic announced new features and updates across the Elastic Observability solution in the 7.12 release to accelerate root cause analysis and enable unified monitoring. Expanded capabilities include Elastic APM correlations, autoscaling, and support for ARM processor-based infrastructure.

Three vulnerabilities found in the iSCSI subsystem of the Linux kernel could allow local attackers with basic user privileges to gain root privileges on unpatched Linux systems. GRIMM researchers discovered the bugs 15 years after they were introduced in 2006 during the initial development stages of the iSCSI kernel subsystem.

Apple has rolled out a fix for a critical sudo vulnerability in macOS Big Sur, Catalina, and Mojave that could allow unauthenticated local users to gain root-level privileges on the system. Sudo is a common utility built into most Unix and Linux operating systems that lets a user without security privileges access and run a program with the credentials of another user.

Apple has fixed a sudo vulnerability in macOS Big Sur, Catalina, and Mojave, allowing any local user to gain root-level privileges. Last month, security researchers at Qualys disclosed the SUDO CVE-2021-3156 vulnerability, aka Baron Samedit, that allowed them to gain root privileges on multiple Linux distributions, including Debian, Ubuntu, and Fedora 33.