Vulnerability in Polkit allowing privilege escalation on the system

A vulnerability (CVE-2021-3560) has been identified in the Polkit component, which distributions use to let unprivileged users perform actions that require elevated access rights (for example, mounting a USB drive). It allows an ordinary user to obtain root privileges on the system. The vulnerability is fixed in Polkit version 0.119.

The problem has been present since the release of 0.113, but many distributions, including RHEL, Ubuntu, Debian and SUSE, backported the affected functionality into packages based on older Polkit releases (package fixes are already available in the distributions).

The problem lies in the polkit_system_bus_name_get_creds_sync() function, which obtains the identifiers (uid and pid) of the process requesting privilege elevation. Polkit identifies the process by the unique name assigned to it on DBus, which is then used to verify its privileges. If the process disconnects from dbus-daemon just before the polkit_system_bus_name_get_creds_sync handler runs, the handler receives an error code instead of the unique name.

The vulnerability arises because the returned error code is not handled correctly: polkit_system_bus_name_get_creds_sync() returns TRUE instead of FALSE even though it could not map the process to a uid/pid and verify the requested privileges. The code that called polkit_system_bus_name_get_creds_sync() assumes the check succeeded and that the privilege elevation request came from root rather than from an unprivileged user, which makes it possible to perform privileged actions without additional authentication and credential verification.
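To make the failure mode concrete, here is a constructed C model of the error-handling pattern described above (an added example, not polkit's actual code): bus_lookup, get_creds_vulnerable, get_creds_fixed and authorize_request are hypothetical names, and the small bus table stands in for dbus-daemon's view of which unique name belongs to which process.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Constructed model of the CVE-2021-3560 error-handling bug. The table below
 * stands in for dbus-daemon's knowledge of which unique bus name belongs to
 * which process; it is sample data, not real polkit or D-Bus code. */
struct creds { uint32_t uid; uint32_t pid; };
struct bus_entry { const char *name; struct creds c; };
static const struct bus_entry bus_table[] = {
    { ":1.42", { 1000, 4242 } },   /* an ordinary user's process */
};

/* Simulates asking the bus for the credentials behind a unique name.
 * Returns false when the name is no longer on the bus (the requester
 * disconnected), which is the error case the article describes. */
static bool bus_lookup(const char *name, struct creds *out) {
    for (size_t i = 0; i < sizeof bus_table / sizeof bus_table[0]; i++)
        if (strcmp(bus_table[i].name, name) == 0) { *out = bus_table[i].c; return true; }
    return false;
}

/* Vulnerable pattern: the lookup failure is ignored and the function still
 * reports success, leaving the zero-initialised creds (uid 0 == root)
 * in place for the caller to trust. */
bool get_creds_vulnerable(const char *name, struct creds *out) {
    memset(out, 0, sizeof *out);
    (void)bus_lookup(name, out);     /* BUG: failure is not propagated */
    return true;                     /* should be false on error */
}

/* Fixed pattern: an error during credential retrieval is a hard failure. */
bool get_creds_fixed(const char *name, struct creds *out) {
    memset(out, 0, sizeof *out);
    if (!bus_lookup(name, out))
        return false;
    return true;
}

/* Caller modelled on the behaviour described above: requests identified as
 * coming from root skip further authentication; everyone else is rejected
 * here for simplicity. */
bool authorize_request(bool (*get_creds)(const char *, struct creds *),
                       const char *name) {
    struct creds c;
    if (!get_creds(name, &c))
        return false;                /* could not identify the requester */
    return c.uid == 0;               /* only root is auto-approved */
}
```

With the vulnerable getter, a name that has already left the bus is treated as root and authorized; with the fixed getter the same request is denied, while a real, still-connected unprivileged process is denied by both.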

Source: opennet.ru
