HomesecurityLinux bug allows you to open root shell in most distributions

Linux bug allows you to open root shell in most distributions

Unauthorized attackers can obtain a root shell by exploiting an authentication bypass vulnerability in the polkit system service that is installed by default on many modern Linux distributions.


See also: How to use Newsboat RSS Feed Reader on Linux?

The local polkit scaling error (referred to as CVE-2021-3560) was publicly disclosed and a patch was released on June 3, 2021.

It was introduced seven years ago in version 0.113 and was recently discovered by GitHub Security Lab researcher Kevin Backhouse.

See also: Lakka Linux 3.0 Released: Gaming Distro Has New Features!

Although many Linux distributions have not been released with the vulnerable polkit version until recently, any Linux system with polkit 0.113 or later installed is exposed to attacks.

The list of vulnerable distributions announced by Backhouse includes popular distros such as RHEL 8, Fedora 21 (or later), Ubuntu 20.04, as well as unstable versions such as Debian testing ("bullseye").

Taking advantage of the vulnerability is surprisingly easy as you only need a few terminal commands using only standard tools like bash, kill and dbus-send - a video demo provided by Backhouse is embedded below.

The researcher says the vulnerability is "very simple and fast to exploit, so it's important to update your Linux installation as soon as possible."

See also: Researchers have discovered Linux malware that has been infecting systems for years!

Technical details about the architecture of the polkit and how to exploit the vulnerability are provided by the security researcher in this suspension.

Source of information:

Teo Ehc
Be the limited edition.