Action not permitted
Modal body text goes here.
cve-2021-4034
Vulnerability from cvelistv5
Published
2022-01-28 00:00
Modified
2025-02-13 16:28
Severity ?
EPSS score ?
Summary
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-09-23T18:05:54.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.vicarius.io/vsociety/posts/pwnkit-pkexec-lpe-cve-2021-4034"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.suse.com/support/kb/doc/?id=000020564"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.starwindsoftware.com/security/sw-20220818-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-4034",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T14:58:14.217207Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-06-27",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-4034"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T14:58:43.983Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "polkit",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "all"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "(CWE-787|CWE-125)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-18T00:16:44.133Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"url": "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"url": "http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html"
},
{
"url": "http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html"
},
{
"url": "https://www.suse.com/support/kb/doc/?id=000020564"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf"
},
{
"url": "https://www.starwindsoftware.com/security/sw-20220818-0001/"
},
{
"url": "https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-4034",
"datePublished": "2022-01-28T00:00:00.000Z",
"dateReserved": "2021-11-29T00:00:00.000Z",
"dateUpdated": "2025-02-13T16:28:29.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2021-4034\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2022-01-28T20:15:12.193\",\"lastModified\":\"2025-04-03T18:53:12.960\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una vulnerabilidad de escalada de privilegios local en la utilidad pkexec de polkit. La aplicaci\u00f3n pkexec es una herramienta setuid dise\u00f1ada para permitir a usuarios sin privilegios ejecutar comandos como usuarios privilegiados de acuerdo con pol\u00edticas predefinidas. La versi\u00f3n actual de pkexec no maneja correctamente el recuento de par\u00e1metros de llamada y termina intentando ejecutar variables de entorno como comandos. Un atacante puede aprovechar esto creando variables de entorno de tal manera que induzcan a pkexec a ejecutar c\u00f3digo arbitrario. Cuando se ejecuta con \u00e9xito, el ataque puede provocar una escalada de privilegios locales otorgando a los usuarios sin privilegios derechos administrativos en la m\u00e1quina de destino.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-06-27\",\"cisaActionDue\":\"2022-07-18\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Red Hat Polkit Out-of-Bounds Read and Write Vulnerability\",\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"},{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polkit_project:polkit:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"121\",\"matchCriteriaId\":\"F01D94C9-1E04-413B-8636-1AAC6D9E84D6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB70A2F8-EAB3-4898-9353-F679FF721C82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB3AC848-C2D0-4878-8619-F5815173555D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"831F0F47-3565-4763-B16F-C87B1FF2035E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"566507B6-AC95-47F7-A3FB-C6F414E45F51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87C21FE1-EA5C-498F-9C6C-D05F91A88217\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AB105EC-19F9-424A-86F1-305A6FD74A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C9BD9AE-46FC-4609-8D99-A3CFE91D58D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CDCFF34-6F1D-45A1-BE37-6A0E17B04801\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4A684C7-88FD-43C4-9BDB-AE337FCBD0AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47811209-5CE5-4375-8391-B0A7F6A0E420\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EB6F417-25D0-4A28-B7BA-D21929EAA9E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5C80DB2-4A78-4EC9-B2A8-1E4D902C4834\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"983533DD-3970-4A37-9A9C-582BD48AA1E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37CE1DC7-72C5-483C-8921-0B462C8284D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98381E61-F082-4302-B51F-5648884F998B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D99A687E-EAE6-417E-A88E-D0082BC194CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B353CE99-D57C-465B-AAB0-73EF581127D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7431ABC1-9252-419E-8CC1-311B41360078\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6897676D-53F9-45B3-B27F-7FF9A4C58D33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E28F226A-CBC7-4A32-BE58-398FA5B42481\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61917784-47F1-4328-BA1F-A88C5E23496B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17F256A9-D3B9-4C72-B013-4EFD878BFEA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B09ACF2D-D83F-4A86-8185-9569605D8EE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC10D919-57FD-4725-B8D2-39ECB476902F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48C2E003-A71C-4D06-B8B3-F93160568182\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3921C1CF-A16D-4727-99AD-03EFFA7C91CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC6DD887-9744-43EA-8B3C-44C6B6339590\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"902B8056-9E37-443B-8905-8AA93E2447FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAE4D2D0-CEEB-416F-8BC5-A7987DF56190\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:enterprise_storage:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7305944-AC9C-47A3-AADF-71A8B24830D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:-:*:*:*\",\"matchCriteriaId\":\"CDFEA8DC-7D78-4ACD-A95C-9408F45EEAE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_proxy:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9910C73A-3BCD-4F56-8C7D-79CB289640A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5810E98-7BF5-42E2-9DE9-661049ABE367\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:15:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C4F62C0-4188-433A-8292-559025CA23C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:*:-:*:*\",\"matchCriteriaId\":\"07D416C5-4A0F-4EF3-A3DE-A028AAA4F739\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:*:sap:*:*\",\"matchCriteriaId\":\"F6C1736B-0505-4C19-98B7-90C8359F3BCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"243B9B56-C744-4C1C-B42E-158C1B041B6A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFC79B17-E9D2-44D5-93ED-2F959E7A3D43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD04BEE5-E9A8-4584-A68C-0195CE9C402C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3E503FB-6279-4D4A-91D8-E237ECF9D2B0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinumerik_edge:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.3.0\",\"matchCriteriaId\":\"D069EA07-88A5-4058-A2BC-44F94D9ACC9A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0\",\"matchCriteriaId\":\"9FC41AD4-69E5-48D8-8216-671F485C3C40\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52A77C9D-E59C-4397-B834-797D7B334A6B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:starwindsoftware:command_center:1.0:update3_build5871:*:*:*:*:*:*\",\"matchCriteriaId\":\"B323EF31-7A67-4458-8323-86F8AA58268C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build14338:*:*:*:*:*:*\",\"matchCriteriaId\":\"14AF427F-BC75-40C7-9579-34A74E2E475D\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/RHSB-2022-001\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2025869\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.starwindsoftware.com/security/sw-20220818-0001/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.suse.com/support/kb/doc/?id=000020564\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/RHSB-2022-001\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2025869\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.starwindsoftware.com/security/sw-20220818-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.suse.com/support/kb/doc/?id=000020564\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/pwnkit-pkexec-lpe-cve-2021-4034\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
}
}
rhsa-2022_0272
Vulnerability from csaf_redhat
Published
2022-01-25 18:30
Modified
2024-09-13 17:32
Summary
Red Hat Security Advisory: polkit security update
Notes
Topic
An update for polkit is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.
Security Fix(es):
* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for polkit is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.\n\nSecurity Fix(es):\n\n* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0272",
"url": "https://access.redhat.com/errata/RHSA-2022:0272"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"category": "external",
"summary": "2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0272.json"
}
],
"title": "Red Hat Security Advisory: polkit security update",
"tracking": {
"current_release_date": "2024-09-13T17:32:11+00:00",
"generator": {
"date": "2024-09-13T17:32:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0272",
"initial_release_date": "2022-01-25T18:30:35+00:00",
"revision_history": [
{
"date": "2022-01-25T18:30:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-25T18:30:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T17:32:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.4::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-12.el7_4.2.src",
"product": {
"name": "polkit-0:0.112-12.el7_4.2.src",
"product_id": "polkit-0:0.112-12.el7_4.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-12.el7_4.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-12.el7_4.2.x86_64",
"product": {
"name": "polkit-0:0.112-12.el7_4.2.x86_64",
"product_id": "polkit-0:0.112-12.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-12.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-12.el7_4.2.x86_64",
"product": {
"name": "polkit-devel-0:0.112-12.el7_4.2.x86_64",
"product_id": "polkit-devel-0:0.112-12.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-12.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-12.el7_4.2.x86_64",
"product": {
"name": "polkit-debuginfo-0:0.112-12.el7_4.2.x86_64",
"product_id": "polkit-debuginfo-0:0.112-12.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-12.el7_4.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-12.el7_4.2.i686",
"product": {
"name": "polkit-0:0.112-12.el7_4.2.i686",
"product_id": "polkit-0:0.112-12.el7_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-12.el7_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-12.el7_4.2.i686",
"product": {
"name": "polkit-devel-0:0.112-12.el7_4.2.i686",
"product_id": "polkit-devel-0:0.112-12.el7_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-12.el7_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-12.el7_4.2.i686",
"product": {
"name": "polkit-debuginfo-0:0.112-12.el7_4.2.i686",
"product_id": "polkit-debuginfo-0:0.112-12.el7_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-12.el7_4.2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-docs-0:0.112-12.el7_4.2.noarch",
"product": {
"name": "polkit-docs-0:0.112-12.el7_4.2.noarch",
"product_id": "polkit-docs-0:0.112-12.el7_4.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-docs@0.112-12.el7_4.2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-12.el7_4.2.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:polkit-0:0.112-12.el7_4.2.i686"
},
"product_reference": "polkit-0:0.112-12.el7_4.2.i686",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-12.el7_4.2.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:polkit-0:0.112-12.el7_4.2.src"
},
"product_reference": "polkit-0:0.112-12.el7_4.2.src",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-12.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:polkit-0:0.112-12.el7_4.2.x86_64"
},
"product_reference": "polkit-0:0.112-12.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-12.el7_4.2.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:polkit-debuginfo-0:0.112-12.el7_4.2.i686"
},
"product_reference": "polkit-debuginfo-0:0.112-12.el7_4.2.i686",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-12.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:polkit-debuginfo-0:0.112-12.el7_4.2.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.112-12.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-12.el7_4.2.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:polkit-devel-0:0.112-12.el7_4.2.i686"
},
"product_reference": "polkit-devel-0:0.112-12.el7_4.2.i686",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-12.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:polkit-devel-0:0.112-12.el7_4.2.x86_64"
},
"product_reference": "polkit-devel-0:0.112-12.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.112-12.el7_4.2.noarch as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:polkit-docs-0:0.112-12.el7_4.2.noarch"
},
"product_reference": "polkit-docs-0:0.112-12.el7_4.2.noarch",
"relates_to_product_reference": "7Server-7.4.AUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2021-4034",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025869"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:polkit-0:0.112-12.el7_4.2.i686",
"7Server-7.4.AUS:polkit-0:0.112-12.el7_4.2.src",
"7Server-7.4.AUS:polkit-0:0.112-12.el7_4.2.x86_64",
"7Server-7.4.AUS:polkit-debuginfo-0:0.112-12.el7_4.2.i686",
"7Server-7.4.AUS:polkit-debuginfo-0:0.112-12.el7_4.2.x86_64",
"7Server-7.4.AUS:polkit-devel-0:0.112-12.el7_4.2.i686",
"7Server-7.4.AUS:polkit-devel-0:0.112-12.el7_4.2.x86_64",
"7Server-7.4.AUS:polkit-docs-0:0.112-12.el7_4.2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4034"
},
{
"category": "external",
"summary": "RHBZ#2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034"
},
{
"category": "external",
"summary": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2022-01-25T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:polkit-0:0.112-12.el7_4.2.i686",
"7Server-7.4.AUS:polkit-0:0.112-12.el7_4.2.src",
"7Server-7.4.AUS:polkit-0:0.112-12.el7_4.2.x86_64",
"7Server-7.4.AUS:polkit-debuginfo-0:0.112-12.el7_4.2.i686",
"7Server-7.4.AUS:polkit-debuginfo-0:0.112-12.el7_4.2.x86_64",
"7Server-7.4.AUS:polkit-devel-0:0.112-12.el7_4.2.i686",
"7Server-7.4.AUS:polkit-devel-0:0.112-12.el7_4.2.x86_64",
"7Server-7.4.AUS:polkit-docs-0:0.112-12.el7_4.2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0272"
},
{
"category": "workaround",
"details": "For customers who cannot update immediately and doesn\u0027t have Secure Boot feature enabled, the issue can be mitigated by executing the following steps:\n\n1) Install required systemtap packages and dependencies as per - pointed by https://access.redhat.com/solutions/5441\n\n2) Install polkit debug info:\n ~~~\n debuginfo-install polkit\n ~~~\n\n3) Create the following systemtap script, and name it pkexec-block.stp:\n ~~~\n probe process(\"/usr/bin/pkexec\").function(\"main\") {\n if (cmdline_arg(1) == \"\")\n raise(9);\n}\n~~~\n\n4) Load the systemtap module into the running kernel:\n ~~~\n stap -g -F -m stap_pkexec_block pkexec_block.stp\n ~~~\n\n5) Ensure the module is loaded:\n ~~~\n lsmod | grep -i stap_pkexec_block\nstap_pkexec_block 434176 0\n~~~\n\n6) Once polkit package was updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n ~~~\n rmmod stap_pkexec_block\n ~~~\n\nThis mitigation doesn\u0027t work for Secure Boot enabled system as SystemTap would require an external compiling server to be able to sign the generated kernel module\nwith a key enrolled into the Kernel\u0027s keyring.",
"product_ids": [
"7Server-7.4.AUS:polkit-0:0.112-12.el7_4.2.i686",
"7Server-7.4.AUS:polkit-0:0.112-12.el7_4.2.src",
"7Server-7.4.AUS:polkit-0:0.112-12.el7_4.2.x86_64",
"7Server-7.4.AUS:polkit-debuginfo-0:0.112-12.el7_4.2.i686",
"7Server-7.4.AUS:polkit-debuginfo-0:0.112-12.el7_4.2.x86_64",
"7Server-7.4.AUS:polkit-devel-0:0.112-12.el7_4.2.i686",
"7Server-7.4.AUS:polkit-devel-0:0.112-12.el7_4.2.x86_64",
"7Server-7.4.AUS:polkit-docs-0:0.112-12.el7_4.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.4.AUS:polkit-0:0.112-12.el7_4.2.i686",
"7Server-7.4.AUS:polkit-0:0.112-12.el7_4.2.src",
"7Server-7.4.AUS:polkit-0:0.112-12.el7_4.2.x86_64",
"7Server-7.4.AUS:polkit-debuginfo-0:0.112-12.el7_4.2.i686",
"7Server-7.4.AUS:polkit-debuginfo-0:0.112-12.el7_4.2.x86_64",
"7Server-7.4.AUS:polkit-devel-0:0.112-12.el7_4.2.i686",
"7Server-7.4.AUS:polkit-devel-0:0.112-12.el7_4.2.x86_64",
"7Server-7.4.AUS:polkit-docs-0:0.112-12.el7_4.2.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-06-27T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector"
}
]
}
rhsa-2022_0271
Vulnerability from csaf_redhat
Published
2022-01-25 18:44
Modified
2024-09-13 17:32
Summary
Red Hat Security Advisory: polkit security update
Notes
Topic
An update for polkit is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.
Security Fix(es):
* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for polkit is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.\n\nSecurity Fix(es):\n\n* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0271",
"url": "https://access.redhat.com/errata/RHSA-2022:0271"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"category": "external",
"summary": "2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0271.json"
}
],
"title": "Red Hat Security Advisory: polkit security update",
"tracking": {
"current_release_date": "2024-09-13T17:32:29+00:00",
"generator": {
"date": "2024-09-13T17:32:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0271",
"initial_release_date": "2022-01-25T18:44:19+00:00",
"revision_history": [
{
"date": "2022-01-25T18:44:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-25T18:44:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T17:32:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.6)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.6)",
"product_id": "7Server-7.6.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product": {
"name": "Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:7.6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server TUS (v. 7.6)",
"product": {
"name": "Red Hat Enterprise Linux Server TUS (v. 7.6)",
"product_id": "7Server-7.6.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:7.6::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-18.el7_6.3.src",
"product": {
"name": "polkit-0:0.112-18.el7_6.3.src",
"product_id": "polkit-0:0.112-18.el7_6.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-18.el7_6.3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-18.el7_6.3.x86_64",
"product": {
"name": "polkit-0:0.112-18.el7_6.3.x86_64",
"product_id": "polkit-0:0.112-18.el7_6.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-18.el7_6.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-18.el7_6.3.x86_64",
"product": {
"name": "polkit-devel-0:0.112-18.el7_6.3.x86_64",
"product_id": "polkit-devel-0:0.112-18.el7_6.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-18.el7_6.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"product": {
"name": "polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"product_id": "polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-18.el7_6.3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-18.el7_6.3.i686",
"product": {
"name": "polkit-0:0.112-18.el7_6.3.i686",
"product_id": "polkit-0:0.112-18.el7_6.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-18.el7_6.3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-18.el7_6.3.i686",
"product": {
"name": "polkit-devel-0:0.112-18.el7_6.3.i686",
"product_id": "polkit-devel-0:0.112-18.el7_6.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-18.el7_6.3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"product": {
"name": "polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"product_id": "polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-18.el7_6.3?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-docs-0:0.112-18.el7_6.3.noarch",
"product": {
"name": "polkit-docs-0:0.112-18.el7_6.3.noarch",
"product_id": "polkit-docs-0:0.112-18.el7_6.3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-docs@0.112-18.el7_6.3?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-18.el7_6.3.ppc64le",
"product": {
"name": "polkit-0:0.112-18.el7_6.3.ppc64le",
"product_id": "polkit-0:0.112-18.el7_6.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-18.el7_6.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-18.el7_6.3.ppc64le",
"product": {
"name": "polkit-devel-0:0.112-18.el7_6.3.ppc64le",
"product_id": "polkit-devel-0:0.112-18.el7_6.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-18.el7_6.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-18.el7_6.3.ppc64le",
"product": {
"name": "polkit-debuginfo-0:0.112-18.el7_6.3.ppc64le",
"product_id": "polkit-debuginfo-0:0.112-18.el7_6.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-18.el7_6.3?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-18.el7_6.3.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)",
"product_id": "7Server-7.6.AUS:polkit-0:0.112-18.el7_6.3.i686"
},
"product_reference": "polkit-0:0.112-18.el7_6.3.i686",
"relates_to_product_reference": "7Server-7.6.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-18.el7_6.3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)",
"product_id": "7Server-7.6.AUS:polkit-0:0.112-18.el7_6.3.src"
},
"product_reference": "polkit-0:0.112-18.el7_6.3.src",
"relates_to_product_reference": "7Server-7.6.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-18.el7_6.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)",
"product_id": "7Server-7.6.AUS:polkit-0:0.112-18.el7_6.3.x86_64"
},
"product_reference": "polkit-0:0.112-18.el7_6.3.x86_64",
"relates_to_product_reference": "7Server-7.6.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-18.el7_6.3.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)",
"product_id": "7Server-7.6.AUS:polkit-debuginfo-0:0.112-18.el7_6.3.i686"
},
"product_reference": "polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"relates_to_product_reference": "7Server-7.6.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-18.el7_6.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)",
"product_id": "7Server-7.6.AUS:polkit-debuginfo-0:0.112-18.el7_6.3.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"relates_to_product_reference": "7Server-7.6.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-18.el7_6.3.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)",
"product_id": "7Server-7.6.AUS:polkit-devel-0:0.112-18.el7_6.3.i686"
},
"product_reference": "polkit-devel-0:0.112-18.el7_6.3.i686",
"relates_to_product_reference": "7Server-7.6.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-18.el7_6.3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)",
"product_id": "7Server-7.6.AUS:polkit-devel-0:0.112-18.el7_6.3.x86_64"
},
"product_reference": "polkit-devel-0:0.112-18.el7_6.3.x86_64",
"relates_to_product_reference": "7Server-7.6.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.112-18.el7_6.3.noarch as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)",
"product_id": "7Server-7.6.AUS:polkit-docs-0:0.112-18.el7_6.3.noarch"
},
"product_reference": "polkit-docs-0:0.112-18.el7_6.3.noarch",
"relates_to_product_reference": "7Server-7.6.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-18.el7_6.3.i686 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.i686"
},
"product_reference": "polkit-0:0.112-18.el7_6.3.i686",
"relates_to_product_reference": "7Server-7.6.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-18.el7_6.3.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.ppc64le"
},
"product_reference": "polkit-0:0.112-18.el7_6.3.ppc64le",
"relates_to_product_reference": "7Server-7.6.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-18.el7_6.3.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.src"
},
"product_reference": "polkit-0:0.112-18.el7_6.3.src",
"relates_to_product_reference": "7Server-7.6.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-18.el7_6.3.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.x86_64"
},
"product_reference": "polkit-0:0.112-18.el7_6.3.x86_64",
"relates_to_product_reference": "7Server-7.6.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-18.el7_6.3.i686 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S:polkit-debuginfo-0:0.112-18.el7_6.3.i686"
},
"product_reference": "polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"relates_to_product_reference": "7Server-7.6.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-18.el7_6.3.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S:polkit-debuginfo-0:0.112-18.el7_6.3.ppc64le"
},
"product_reference": "polkit-debuginfo-0:0.112-18.el7_6.3.ppc64le",
"relates_to_product_reference": "7Server-7.6.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-18.el7_6.3.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S:polkit-debuginfo-0:0.112-18.el7_6.3.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"relates_to_product_reference": "7Server-7.6.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-18.el7_6.3.i686 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S:polkit-devel-0:0.112-18.el7_6.3.i686"
},
"product_reference": "polkit-devel-0:0.112-18.el7_6.3.i686",
"relates_to_product_reference": "7Server-7.6.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-18.el7_6.3.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S:polkit-devel-0:0.112-18.el7_6.3.ppc64le"
},
"product_reference": "polkit-devel-0:0.112-18.el7_6.3.ppc64le",
"relates_to_product_reference": "7Server-7.6.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-18.el7_6.3.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S:polkit-devel-0:0.112-18.el7_6.3.x86_64"
},
"product_reference": "polkit-devel-0:0.112-18.el7_6.3.x86_64",
"relates_to_product_reference": "7Server-7.6.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.112-18.el7_6.3.noarch as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S:polkit-docs-0:0.112-18.el7_6.3.noarch"
},
"product_reference": "polkit-docs-0:0.112-18.el7_6.3.noarch",
"relates_to_product_reference": "7Server-7.6.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-18.el7_6.3.i686 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)",
"product_id": "7Server-7.6.TUS:polkit-0:0.112-18.el7_6.3.i686"
},
"product_reference": "polkit-0:0.112-18.el7_6.3.i686",
"relates_to_product_reference": "7Server-7.6.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-18.el7_6.3.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)",
"product_id": "7Server-7.6.TUS:polkit-0:0.112-18.el7_6.3.src"
},
"product_reference": "polkit-0:0.112-18.el7_6.3.src",
"relates_to_product_reference": "7Server-7.6.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-18.el7_6.3.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)",
"product_id": "7Server-7.6.TUS:polkit-0:0.112-18.el7_6.3.x86_64"
},
"product_reference": "polkit-0:0.112-18.el7_6.3.x86_64",
"relates_to_product_reference": "7Server-7.6.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-18.el7_6.3.i686 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)",
"product_id": "7Server-7.6.TUS:polkit-debuginfo-0:0.112-18.el7_6.3.i686"
},
"product_reference": "polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"relates_to_product_reference": "7Server-7.6.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-18.el7_6.3.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)",
"product_id": "7Server-7.6.TUS:polkit-debuginfo-0:0.112-18.el7_6.3.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"relates_to_product_reference": "7Server-7.6.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-18.el7_6.3.i686 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)",
"product_id": "7Server-7.6.TUS:polkit-devel-0:0.112-18.el7_6.3.i686"
},
"product_reference": "polkit-devel-0:0.112-18.el7_6.3.i686",
"relates_to_product_reference": "7Server-7.6.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-18.el7_6.3.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)",
"product_id": "7Server-7.6.TUS:polkit-devel-0:0.112-18.el7_6.3.x86_64"
},
"product_reference": "polkit-devel-0:0.112-18.el7_6.3.x86_64",
"relates_to_product_reference": "7Server-7.6.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.112-18.el7_6.3.noarch as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)",
"product_id": "7Server-7.6.TUS:polkit-docs-0:0.112-18.el7_6.3.noarch"
},
"product_reference": "polkit-docs-0:0.112-18.el7_6.3.noarch",
"relates_to_product_reference": "7Server-7.6.TUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2021-4034",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025869"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.AUS:polkit-0:0.112-18.el7_6.3.i686",
"7Server-7.6.AUS:polkit-0:0.112-18.el7_6.3.src",
"7Server-7.6.AUS:polkit-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.AUS:polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"7Server-7.6.AUS:polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.AUS:polkit-devel-0:0.112-18.el7_6.3.i686",
"7Server-7.6.AUS:polkit-devel-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.AUS:polkit-docs-0:0.112-18.el7_6.3.noarch",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.i686",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.ppc64le",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.src",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.E4S:polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"7Server-7.6.E4S:polkit-debuginfo-0:0.112-18.el7_6.3.ppc64le",
"7Server-7.6.E4S:polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.E4S:polkit-devel-0:0.112-18.el7_6.3.i686",
"7Server-7.6.E4S:polkit-devel-0:0.112-18.el7_6.3.ppc64le",
"7Server-7.6.E4S:polkit-devel-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.E4S:polkit-docs-0:0.112-18.el7_6.3.noarch",
"7Server-7.6.TUS:polkit-0:0.112-18.el7_6.3.i686",
"7Server-7.6.TUS:polkit-0:0.112-18.el7_6.3.src",
"7Server-7.6.TUS:polkit-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.TUS:polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"7Server-7.6.TUS:polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.TUS:polkit-devel-0:0.112-18.el7_6.3.i686",
"7Server-7.6.TUS:polkit-devel-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.TUS:polkit-docs-0:0.112-18.el7_6.3.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4034"
},
{
"category": "external",
"summary": "RHBZ#2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034"
},
{
"category": "external",
"summary": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2022-01-25T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.AUS:polkit-0:0.112-18.el7_6.3.i686",
"7Server-7.6.AUS:polkit-0:0.112-18.el7_6.3.src",
"7Server-7.6.AUS:polkit-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.AUS:polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"7Server-7.6.AUS:polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.AUS:polkit-devel-0:0.112-18.el7_6.3.i686",
"7Server-7.6.AUS:polkit-devel-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.AUS:polkit-docs-0:0.112-18.el7_6.3.noarch",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.i686",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.ppc64le",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.src",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.E4S:polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"7Server-7.6.E4S:polkit-debuginfo-0:0.112-18.el7_6.3.ppc64le",
"7Server-7.6.E4S:polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.E4S:polkit-devel-0:0.112-18.el7_6.3.i686",
"7Server-7.6.E4S:polkit-devel-0:0.112-18.el7_6.3.ppc64le",
"7Server-7.6.E4S:polkit-devel-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.E4S:polkit-docs-0:0.112-18.el7_6.3.noarch",
"7Server-7.6.TUS:polkit-0:0.112-18.el7_6.3.i686",
"7Server-7.6.TUS:polkit-0:0.112-18.el7_6.3.src",
"7Server-7.6.TUS:polkit-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.TUS:polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"7Server-7.6.TUS:polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.TUS:polkit-devel-0:0.112-18.el7_6.3.i686",
"7Server-7.6.TUS:polkit-devel-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.TUS:polkit-docs-0:0.112-18.el7_6.3.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0271"
},
{
"category": "workaround",
"details": "For customers who cannot update immediately and doesn\u0027t have Secure Boot feature enabled, the issue can be mitigated by executing the following steps:\n\n1) Install required systemtap packages and dependencies as per - pointed by https://access.redhat.com/solutions/5441\n\n2) Install polkit debug info:\n ~~~\n debuginfo-install polkit\n ~~~\n\n3) Create the following systemtap script, and name it pkexec-block.stp:\n ~~~\n probe process(\"/usr/bin/pkexec\").function(\"main\") {\n if (cmdline_arg(1) == \"\")\n raise(9);\n}\n~~~\n\n4) Load the systemtap module into the running kernel:\n ~~~\n stap -g -F -m stap_pkexec_block pkexec_block.stp\n ~~~\n\n5) Ensure the module is loaded:\n ~~~\n lsmod | grep -i stap_pkexec_block\nstap_pkexec_block 434176 0\n~~~\n\n6) Once polkit package was updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n ~~~\n rmmod stap_pkexec_block\n ~~~\n\nThis mitigation doesn\u0027t work for Secure Boot enabled system as SystemTap would require an external compiling server to be able to sign the generated kernel module\nwith a key enrolled into the Kernel\u0027s keyring.",
"product_ids": [
"7Server-7.6.AUS:polkit-0:0.112-18.el7_6.3.i686",
"7Server-7.6.AUS:polkit-0:0.112-18.el7_6.3.src",
"7Server-7.6.AUS:polkit-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.AUS:polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"7Server-7.6.AUS:polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.AUS:polkit-devel-0:0.112-18.el7_6.3.i686",
"7Server-7.6.AUS:polkit-devel-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.AUS:polkit-docs-0:0.112-18.el7_6.3.noarch",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.i686",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.ppc64le",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.src",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.E4S:polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"7Server-7.6.E4S:polkit-debuginfo-0:0.112-18.el7_6.3.ppc64le",
"7Server-7.6.E4S:polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.E4S:polkit-devel-0:0.112-18.el7_6.3.i686",
"7Server-7.6.E4S:polkit-devel-0:0.112-18.el7_6.3.ppc64le",
"7Server-7.6.E4S:polkit-devel-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.E4S:polkit-docs-0:0.112-18.el7_6.3.noarch",
"7Server-7.6.TUS:polkit-0:0.112-18.el7_6.3.i686",
"7Server-7.6.TUS:polkit-0:0.112-18.el7_6.3.src",
"7Server-7.6.TUS:polkit-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.TUS:polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"7Server-7.6.TUS:polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.TUS:polkit-devel-0:0.112-18.el7_6.3.i686",
"7Server-7.6.TUS:polkit-devel-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.TUS:polkit-docs-0:0.112-18.el7_6.3.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.6.AUS:polkit-0:0.112-18.el7_6.3.i686",
"7Server-7.6.AUS:polkit-0:0.112-18.el7_6.3.src",
"7Server-7.6.AUS:polkit-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.AUS:polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"7Server-7.6.AUS:polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.AUS:polkit-devel-0:0.112-18.el7_6.3.i686",
"7Server-7.6.AUS:polkit-devel-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.AUS:polkit-docs-0:0.112-18.el7_6.3.noarch",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.i686",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.ppc64le",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.src",
"7Server-7.6.E4S:polkit-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.E4S:polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"7Server-7.6.E4S:polkit-debuginfo-0:0.112-18.el7_6.3.ppc64le",
"7Server-7.6.E4S:polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.E4S:polkit-devel-0:0.112-18.el7_6.3.i686",
"7Server-7.6.E4S:polkit-devel-0:0.112-18.el7_6.3.ppc64le",
"7Server-7.6.E4S:polkit-devel-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.E4S:polkit-docs-0:0.112-18.el7_6.3.noarch",
"7Server-7.6.TUS:polkit-0:0.112-18.el7_6.3.i686",
"7Server-7.6.TUS:polkit-0:0.112-18.el7_6.3.src",
"7Server-7.6.TUS:polkit-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.TUS:polkit-debuginfo-0:0.112-18.el7_6.3.i686",
"7Server-7.6.TUS:polkit-debuginfo-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.TUS:polkit-devel-0:0.112-18.el7_6.3.i686",
"7Server-7.6.TUS:polkit-devel-0:0.112-18.el7_6.3.x86_64",
"7Server-7.6.TUS:polkit-docs-0:0.112-18.el7_6.3.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-06-27T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector"
}
]
}
rhsa-2022_0265
Vulnerability from csaf_redhat
Published
2022-01-25 18:04
Modified
2024-09-13 17:32
Summary
Red Hat Security Advisory: polkit security update
Notes
Topic
An update for polkit is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.
Security Fix(es):
* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for polkit is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.\n\nSecurity Fix(es):\n\n* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0265",
"url": "https://access.redhat.com/errata/RHSA-2022:0265"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"category": "external",
"summary": "2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0265.json"
}
],
"title": "Red Hat Security Advisory: polkit security update",
"tracking": {
"current_release_date": "2024-09-13T17:32:55+00:00",
"generator": {
"date": "2024-09-13T17:32:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0265",
"initial_release_date": "2022-01-25T18:04:10+00:00",
"revision_history": [
{
"date": "2022-01-25T18:04:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-25T18:04:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T17:32:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:8.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-11.el8_2.2.src",
"product": {
"name": "polkit-0:0.115-11.el8_2.2.src",
"product_id": "polkit-0:0.115-11.el8_2.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-11.el8_2.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-11.el8_2.2.aarch64",
"product": {
"name": "polkit-0:0.115-11.el8_2.2.aarch64",
"product_id": "polkit-0:0.115-11.el8_2.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-11.el8_2.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.115-11.el8_2.2.aarch64",
"product": {
"name": "polkit-devel-0:0.115-11.el8_2.2.aarch64",
"product_id": "polkit-devel-0:0.115-11.el8_2.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-11.el8_2.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-11.el8_2.2.aarch64",
"product": {
"name": "polkit-libs-0:0.115-11.el8_2.2.aarch64",
"product_id": "polkit-libs-0:0.115-11.el8_2.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-11.el8_2.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-11.el8_2.2.aarch64",
"product": {
"name": "polkit-debugsource-0:0.115-11.el8_2.2.aarch64",
"product_id": "polkit-debugsource-0:0.115-11.el8_2.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-11.el8_2.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-11.el8_2.2.aarch64",
"product": {
"name": "polkit-debuginfo-0:0.115-11.el8_2.2.aarch64",
"product_id": "polkit-debuginfo-0:0.115-11.el8_2.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-11.el8_2.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.aarch64",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.aarch64",
"product_id": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-11.el8_2.2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-11.el8_2.2.ppc64le",
"product": {
"name": "polkit-0:0.115-11.el8_2.2.ppc64le",
"product_id": "polkit-0:0.115-11.el8_2.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-11.el8_2.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.115-11.el8_2.2.ppc64le",
"product": {
"name": "polkit-devel-0:0.115-11.el8_2.2.ppc64le",
"product_id": "polkit-devel-0:0.115-11.el8_2.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-11.el8_2.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-11.el8_2.2.ppc64le",
"product": {
"name": "polkit-libs-0:0.115-11.el8_2.2.ppc64le",
"product_id": "polkit-libs-0:0.115-11.el8_2.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-11.el8_2.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-11.el8_2.2.ppc64le",
"product": {
"name": "polkit-debugsource-0:0.115-11.el8_2.2.ppc64le",
"product_id": "polkit-debugsource-0:0.115-11.el8_2.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-11.el8_2.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"product": {
"name": "polkit-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"product_id": "polkit-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-11.el8_2.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"product_id": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-11.el8_2.2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-11.el8_2.2.x86_64",
"product": {
"name": "polkit-0:0.115-11.el8_2.2.x86_64",
"product_id": "polkit-0:0.115-11.el8_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-11.el8_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.115-11.el8_2.2.x86_64",
"product": {
"name": "polkit-devel-0:0.115-11.el8_2.2.x86_64",
"product_id": "polkit-devel-0:0.115-11.el8_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-11.el8_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-11.el8_2.2.x86_64",
"product": {
"name": "polkit-libs-0:0.115-11.el8_2.2.x86_64",
"product_id": "polkit-libs-0:0.115-11.el8_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-11.el8_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-11.el8_2.2.x86_64",
"product": {
"name": "polkit-debugsource-0:0.115-11.el8_2.2.x86_64",
"product_id": "polkit-debugsource-0:0.115-11.el8_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-11.el8_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-11.el8_2.2.x86_64",
"product": {
"name": "polkit-debuginfo-0:0.115-11.el8_2.2.x86_64",
"product_id": "polkit-debuginfo-0:0.115-11.el8_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-11.el8_2.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.x86_64",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.x86_64",
"product_id": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-11.el8_2.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-devel-0:0.115-11.el8_2.2.i686",
"product": {
"name": "polkit-devel-0:0.115-11.el8_2.2.i686",
"product_id": "polkit-devel-0:0.115-11.el8_2.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-11.el8_2.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-11.el8_2.2.i686",
"product": {
"name": "polkit-libs-0:0.115-11.el8_2.2.i686",
"product_id": "polkit-libs-0:0.115-11.el8_2.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-11.el8_2.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-11.el8_2.2.i686",
"product": {
"name": "polkit-debugsource-0:0.115-11.el8_2.2.i686",
"product_id": "polkit-debugsource-0:0.115-11.el8_2.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-11.el8_2.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-11.el8_2.2.i686",
"product": {
"name": "polkit-debuginfo-0:0.115-11.el8_2.2.i686",
"product_id": "polkit-debuginfo-0:0.115-11.el8_2.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-11.el8_2.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.i686",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.i686",
"product_id": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-11.el8_2.2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-11.el8_2.2.s390x",
"product": {
"name": "polkit-0:0.115-11.el8_2.2.s390x",
"product_id": "polkit-0:0.115-11.el8_2.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-11.el8_2.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.115-11.el8_2.2.s390x",
"product": {
"name": "polkit-devel-0:0.115-11.el8_2.2.s390x",
"product_id": "polkit-devel-0:0.115-11.el8_2.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-11.el8_2.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-11.el8_2.2.s390x",
"product": {
"name": "polkit-libs-0:0.115-11.el8_2.2.s390x",
"product_id": "polkit-libs-0:0.115-11.el8_2.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-11.el8_2.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-11.el8_2.2.s390x",
"product": {
"name": "polkit-debugsource-0:0.115-11.el8_2.2.s390x",
"product_id": "polkit-debugsource-0:0.115-11.el8_2.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-11.el8_2.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-11.el8_2.2.s390x",
"product": {
"name": "polkit-debuginfo-0:0.115-11.el8_2.2.s390x",
"product_id": "polkit-debuginfo-0:0.115-11.el8_2.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-11.el8_2.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.s390x",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.s390x",
"product_id": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-11.el8_2.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-docs-0:0.115-11.el8_2.2.noarch",
"product": {
"name": "polkit-docs-0:0.115-11.el8_2.2.noarch",
"product_id": "polkit-docs-0:0.115-11.el8_2.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-docs@0.115-11.el8_2.2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.aarch64"
},
"product_reference": "polkit-0:0.115-11.el8_2.2.aarch64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.ppc64le"
},
"product_reference": "polkit-0:0.115-11.el8_2.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.s390x"
},
"product_reference": "polkit-0:0.115-11.el8_2.2.s390x",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-11.el8_2.2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.src"
},
"product_reference": "polkit-0:0.115-11.el8_2.2.src",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.x86_64"
},
"product_reference": "polkit-0:0.115-11.el8_2.2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.aarch64"
},
"product_reference": "polkit-debuginfo-0:0.115-11.el8_2.2.aarch64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-11.el8_2.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.i686"
},
"product_reference": "polkit-debuginfo-0:0.115-11.el8_2.2.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.ppc64le"
},
"product_reference": "polkit-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.s390x"
},
"product_reference": "polkit-debuginfo-0:0.115-11.el8_2.2.s390x",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.115-11.el8_2.2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.aarch64"
},
"product_reference": "polkit-debugsource-0:0.115-11.el8_2.2.aarch64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-11.el8_2.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.i686"
},
"product_reference": "polkit-debugsource-0:0.115-11.el8_2.2.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.ppc64le"
},
"product_reference": "polkit-debugsource-0:0.115-11.el8_2.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.s390x"
},
"product_reference": "polkit-debugsource-0:0.115-11.el8_2.2.s390x",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.x86_64"
},
"product_reference": "polkit-debugsource-0:0.115-11.el8_2.2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.aarch64"
},
"product_reference": "polkit-devel-0:0.115-11.el8_2.2.aarch64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-11.el8_2.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.i686"
},
"product_reference": "polkit-devel-0:0.115-11.el8_2.2.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.ppc64le"
},
"product_reference": "polkit-devel-0:0.115-11.el8_2.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.s390x"
},
"product_reference": "polkit-devel-0:0.115-11.el8_2.2.s390x",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.x86_64"
},
"product_reference": "polkit-devel-0:0.115-11.el8_2.2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.115-11.el8_2.2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-docs-0:0.115-11.el8_2.2.noarch"
},
"product_reference": "polkit-docs-0:0.115-11.el8_2.2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.aarch64"
},
"product_reference": "polkit-libs-0:0.115-11.el8_2.2.aarch64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-11.el8_2.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.i686"
},
"product_reference": "polkit-libs-0:0.115-11.el8_2.2.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.ppc64le"
},
"product_reference": "polkit-libs-0:0.115-11.el8_2.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.s390x"
},
"product_reference": "polkit-libs-0:0.115-11.el8_2.2.s390x",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.x86_64"
},
"product_reference": "polkit-libs-0:0.115-11.el8_2.2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.aarch64"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.aarch64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.i686"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.ppc64le"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.s390x"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.s390x",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.x86_64"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-11.el8_2.2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2021-4034",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025869"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.src",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-docs-0:0.115-11.el8_2.2.noarch",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4034"
},
{
"category": "external",
"summary": "RHBZ#2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034"
},
{
"category": "external",
"summary": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2022-01-25T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.src",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-docs-0:0.115-11.el8_2.2.noarch",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0265"
},
{
"category": "workaround",
"details": "For customers who cannot update immediately and doesn\u0027t have Secure Boot feature enabled, the issue can be mitigated by executing the following steps:\n\n1) Install required systemtap packages and dependencies as per - pointed by https://access.redhat.com/solutions/5441\n\n2) Install polkit debug info:\n ~~~\n debuginfo-install polkit\n ~~~\n\n3) Create the following systemtap script, and name it pkexec-block.stp:\n ~~~\n probe process(\"/usr/bin/pkexec\").function(\"main\") {\n if (cmdline_arg(1) == \"\")\n raise(9);\n}\n~~~\n\n4) Load the systemtap module into the running kernel:\n ~~~\n stap -g -F -m stap_pkexec_block pkexec_block.stp\n ~~~\n\n5) Ensure the module is loaded:\n ~~~\n lsmod | grep -i stap_pkexec_block\nstap_pkexec_block 434176 0\n~~~\n\n6) Once polkit package was updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n ~~~\n rmmod stap_pkexec_block\n ~~~\n\nThis mitigation doesn\u0027t work for Secure Boot enabled system as SystemTap would require an external compiling server to be able to sign the generated kernel module\nwith a key enrolled into the Kernel\u0027s keyring.",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.src",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-docs-0:0.115-11.el8_2.2.noarch",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.src",
"BaseOS-8.2.0.Z.EUS:polkit-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-devel-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-docs-0:0.115-11.el8_2.2.noarch",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-libs-0:0.115-11.el8_2.2.x86_64",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.aarch64",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.i686",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.ppc64le",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.s390x",
"BaseOS-8.2.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_2.2.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-06-27T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector"
}
]
}
rhsa-2022_0270
Vulnerability from csaf_redhat
Published
2022-01-25 18:21
Modified
2024-09-13 17:32
Summary
Red Hat Security Advisory: polkit security update
Notes
Topic
An update for polkit is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.
Security Fix(es):
* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for polkit is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.\n\nSecurity Fix(es):\n\n* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0270",
"url": "https://access.redhat.com/errata/RHSA-2022:0270"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"category": "external",
"summary": "2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0270.json"
}
],
"title": "Red Hat Security Advisory: polkit security update",
"tracking": {
"current_release_date": "2024-09-13T17:32:36+00:00",
"generator": {
"date": "2024-09-13T17:32:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0270",
"initial_release_date": "2022-01-25T18:21:13+00:00",
"revision_history": [
{
"date": "2022-01-25T18:21:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-25T18:21:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T17:32:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.3::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-12.el7_3.1.src",
"product": {
"name": "polkit-0:0.112-12.el7_3.1.src",
"product_id": "polkit-0:0.112-12.el7_3.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-12.el7_3.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-12.el7_3.1.x86_64",
"product": {
"name": "polkit-0:0.112-12.el7_3.1.x86_64",
"product_id": "polkit-0:0.112-12.el7_3.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-12.el7_3.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-12.el7_3.1.x86_64",
"product": {
"name": "polkit-devel-0:0.112-12.el7_3.1.x86_64",
"product_id": "polkit-devel-0:0.112-12.el7_3.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-12.el7_3.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-12.el7_3.1.x86_64",
"product": {
"name": "polkit-debuginfo-0:0.112-12.el7_3.1.x86_64",
"product_id": "polkit-debuginfo-0:0.112-12.el7_3.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-12.el7_3.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-12.el7_3.1.i686",
"product": {
"name": "polkit-0:0.112-12.el7_3.1.i686",
"product_id": "polkit-0:0.112-12.el7_3.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-12.el7_3.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-12.el7_3.1.i686",
"product": {
"name": "polkit-devel-0:0.112-12.el7_3.1.i686",
"product_id": "polkit-devel-0:0.112-12.el7_3.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-12.el7_3.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-12.el7_3.1.i686",
"product": {
"name": "polkit-debuginfo-0:0.112-12.el7_3.1.i686",
"product_id": "polkit-debuginfo-0:0.112-12.el7_3.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-12.el7_3.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-docs-0:0.112-12.el7_3.1.noarch",
"product": {
"name": "polkit-docs-0:0.112-12.el7_3.1.noarch",
"product_id": "polkit-docs-0:0.112-12.el7_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-docs@0.112-12.el7_3.1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-12.el7_3.1.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:polkit-0:0.112-12.el7_3.1.i686"
},
"product_reference": "polkit-0:0.112-12.el7_3.1.i686",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-12.el7_3.1.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:polkit-0:0.112-12.el7_3.1.src"
},
"product_reference": "polkit-0:0.112-12.el7_3.1.src",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-12.el7_3.1.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:polkit-0:0.112-12.el7_3.1.x86_64"
},
"product_reference": "polkit-0:0.112-12.el7_3.1.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-12.el7_3.1.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:polkit-debuginfo-0:0.112-12.el7_3.1.i686"
},
"product_reference": "polkit-debuginfo-0:0.112-12.el7_3.1.i686",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-12.el7_3.1.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:polkit-debuginfo-0:0.112-12.el7_3.1.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.112-12.el7_3.1.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-12.el7_3.1.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:polkit-devel-0:0.112-12.el7_3.1.i686"
},
"product_reference": "polkit-devel-0:0.112-12.el7_3.1.i686",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-12.el7_3.1.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:polkit-devel-0:0.112-12.el7_3.1.x86_64"
},
"product_reference": "polkit-devel-0:0.112-12.el7_3.1.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.112-12.el7_3.1.noarch as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:polkit-docs-0:0.112-12.el7_3.1.noarch"
},
"product_reference": "polkit-docs-0:0.112-12.el7_3.1.noarch",
"relates_to_product_reference": "7Server-7.3.AUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2021-4034",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025869"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.3.AUS:polkit-0:0.112-12.el7_3.1.i686",
"7Server-7.3.AUS:polkit-0:0.112-12.el7_3.1.src",
"7Server-7.3.AUS:polkit-0:0.112-12.el7_3.1.x86_64",
"7Server-7.3.AUS:polkit-debuginfo-0:0.112-12.el7_3.1.i686",
"7Server-7.3.AUS:polkit-debuginfo-0:0.112-12.el7_3.1.x86_64",
"7Server-7.3.AUS:polkit-devel-0:0.112-12.el7_3.1.i686",
"7Server-7.3.AUS:polkit-devel-0:0.112-12.el7_3.1.x86_64",
"7Server-7.3.AUS:polkit-docs-0:0.112-12.el7_3.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4034"
},
{
"category": "external",
"summary": "RHBZ#2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034"
},
{
"category": "external",
"summary": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2022-01-25T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.3.AUS:polkit-0:0.112-12.el7_3.1.i686",
"7Server-7.3.AUS:polkit-0:0.112-12.el7_3.1.src",
"7Server-7.3.AUS:polkit-0:0.112-12.el7_3.1.x86_64",
"7Server-7.3.AUS:polkit-debuginfo-0:0.112-12.el7_3.1.i686",
"7Server-7.3.AUS:polkit-debuginfo-0:0.112-12.el7_3.1.x86_64",
"7Server-7.3.AUS:polkit-devel-0:0.112-12.el7_3.1.i686",
"7Server-7.3.AUS:polkit-devel-0:0.112-12.el7_3.1.x86_64",
"7Server-7.3.AUS:polkit-docs-0:0.112-12.el7_3.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0270"
},
{
"category": "workaround",
"details": "For customers who cannot update immediately and doesn\u0027t have Secure Boot feature enabled, the issue can be mitigated by executing the following steps:\n\n1) Install required systemtap packages and dependencies as per - pointed by https://access.redhat.com/solutions/5441\n\n2) Install polkit debug info:\n ~~~\n debuginfo-install polkit\n ~~~\n\n3) Create the following systemtap script, and name it pkexec-block.stp:\n ~~~\n probe process(\"/usr/bin/pkexec\").function(\"main\") {\n if (cmdline_arg(1) == \"\")\n raise(9);\n}\n~~~\n\n4) Load the systemtap module into the running kernel:\n ~~~\n stap -g -F -m stap_pkexec_block pkexec_block.stp\n ~~~\n\n5) Ensure the module is loaded:\n ~~~\n lsmod | grep -i stap_pkexec_block\nstap_pkexec_block 434176 0\n~~~\n\n6) Once polkit package was updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n ~~~\n rmmod stap_pkexec_block\n ~~~\n\nThis mitigation doesn\u0027t work for Secure Boot enabled system as SystemTap would require an external compiling server to be able to sign the generated kernel module\nwith a key enrolled into the Kernel\u0027s keyring.",
"product_ids": [
"7Server-7.3.AUS:polkit-0:0.112-12.el7_3.1.i686",
"7Server-7.3.AUS:polkit-0:0.112-12.el7_3.1.src",
"7Server-7.3.AUS:polkit-0:0.112-12.el7_3.1.x86_64",
"7Server-7.3.AUS:polkit-debuginfo-0:0.112-12.el7_3.1.i686",
"7Server-7.3.AUS:polkit-debuginfo-0:0.112-12.el7_3.1.x86_64",
"7Server-7.3.AUS:polkit-devel-0:0.112-12.el7_3.1.i686",
"7Server-7.3.AUS:polkit-devel-0:0.112-12.el7_3.1.x86_64",
"7Server-7.3.AUS:polkit-docs-0:0.112-12.el7_3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.3.AUS:polkit-0:0.112-12.el7_3.1.i686",
"7Server-7.3.AUS:polkit-0:0.112-12.el7_3.1.src",
"7Server-7.3.AUS:polkit-0:0.112-12.el7_3.1.x86_64",
"7Server-7.3.AUS:polkit-debuginfo-0:0.112-12.el7_3.1.i686",
"7Server-7.3.AUS:polkit-debuginfo-0:0.112-12.el7_3.1.x86_64",
"7Server-7.3.AUS:polkit-devel-0:0.112-12.el7_3.1.i686",
"7Server-7.3.AUS:polkit-devel-0:0.112-12.el7_3.1.x86_64",
"7Server-7.3.AUS:polkit-docs-0:0.112-12.el7_3.1.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-06-27T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector"
}
]
}
rhsa-2022_0540
Vulnerability from csaf_redhat
Published
2022-02-15 11:01
Modified
2024-09-13 17:33
Summary
Red Hat Security Advisory: Red Hat Virtualization Host security update [ovirt-4.4.10-1]
Notes
Topic
An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Security Fix(es):
* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)
* kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL (CVE-2021-4155)
* aide: heap-based buffer overflow on outputs larger than B64_BUF (CVE-2021-45417)
* kernel: fs_context: heap overflow in legacy parameter handling (CVE-2022-0185)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Rebased wget package and its dependencies for the same version shipped with recent RHEL. (BZ#2030082)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host\u0027s resources and performing administrative tasks.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nSecurity Fix(es):\n\n* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)\n\n* kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL (CVE-2021-4155)\n\n* aide: heap-based buffer overflow on outputs larger than B64_BUF (CVE-2021-45417)\n\n* kernel: fs_context: heap overflow in legacy parameter handling (CVE-2022-0185)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Rebased wget package and its dependencies for the same version shipped with recent RHEL. (BZ#2030082)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0540",
"url": "https://access.redhat.com/errata/RHSA-2022:0540"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"category": "external",
"summary": "2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "external",
"summary": "2030082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030082"
},
{
"category": "external",
"summary": "2034685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034685"
},
{
"category": "external",
"summary": "2034813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813"
},
{
"category": "external",
"summary": "2040358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040358"
},
{
"category": "external",
"summary": "2041489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041489"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0540.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Virtualization Host security update [ovirt-4.4.10-1]",
"tracking": {
"current_release_date": "2024-09-13T17:33:45+00:00",
"generator": {
"date": "2024-09-13T17:33:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0540",
"initial_release_date": "2022-02-15T11:01:25+00:00",
"revision_history": [
{
"date": "2022-02-15T11:01:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-15T11:01:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T17:33:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Virtualization 4 Hypervisor for RHEL 8",
"product": {
"name": "Red Hat Virtualization 4 Hypervisor for RHEL 8",
"product_id": "8Base-RHV-Hypervisor-4",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8"
}
}
},
{
"category": "product_name",
"name": "RHEL 8-based RHEV-H for RHEV 4 (build requirements)",
"product": {
"name": "RHEL 8-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "8Base-RHV-HypervisorBuild-4",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "wget-0:1.19.5-10.el8.x86_64",
"product": {
"name": "wget-0:1.19.5-10.el8.x86_64",
"product_id": "wget-0:1.19.5-10.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wget@1.19.5-10.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "wget-debugsource-0:1.19.5-10.el8.x86_64",
"product": {
"name": "wget-debugsource-0:1.19.5-10.el8.x86_64",
"product_id": "wget-debugsource-0:1.19.5-10.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wget-debugsource@1.19.5-10.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "wget-debuginfo-0:1.19.5-10.el8.x86_64",
"product": {
"name": "wget-debuginfo-0:1.19.5-10.el8.x86_64",
"product_id": "wget-debuginfo-0:1.19.5-10.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wget-debuginfo@1.19.5-10.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libmetalink-0:0.1.3-7.el8.x86_64",
"product": {
"name": "libmetalink-0:0.1.3-7.el8.x86_64",
"product_id": "libmetalink-0:0.1.3-7.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libmetalink@0.1.3-7.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libmetalink-devel-0:0.1.3-7.el8.x86_64",
"product": {
"name": "libmetalink-devel-0:0.1.3-7.el8.x86_64",
"product_id": "libmetalink-devel-0:0.1.3-7.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libmetalink-devel@0.1.3-7.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libmetalink-debugsource-0:0.1.3-7.el8.x86_64",
"product": {
"name": "libmetalink-debugsource-0:0.1.3-7.el8.x86_64",
"product_id": "libmetalink-debugsource-0:0.1.3-7.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libmetalink-debugsource@0.1.3-7.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libmetalink-debuginfo-0:0.1.3-7.el8.x86_64",
"product": {
"name": "libmetalink-debuginfo-0:0.1.3-7.el8.x86_64",
"product_id": "libmetalink-debuginfo-0:0.1.3-7.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libmetalink-debuginfo@0.1.3-7.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64",
"product": {
"name": "redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64",
"product_id": "redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-release-virtualization-host@4.4.10-1.el8ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64",
"product": {
"name": "redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64",
"product_id": "redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-release-virtualization-host-content@4.4.10-1.el8ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64",
"product": {
"name": "redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64",
"product_id": "redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-virtualization-host-image-update@4.4.10-202202081536_8.5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "wget-0:1.19.5-10.el8.src",
"product": {
"name": "wget-0:1.19.5-10.el8.src",
"product_id": "wget-0:1.19.5-10.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wget@1.19.5-10.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "libmetalink-0:0.1.3-7.el8.src",
"product": {
"name": "libmetalink-0:0.1.3-7.el8.src",
"product_id": "libmetalink-0:0.1.3-7.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libmetalink@0.1.3-7.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "redhat-release-virtualization-host-0:4.4.10-1.el8ev.src",
"product": {
"name": "redhat-release-virtualization-host-0:4.4.10-1.el8ev.src",
"product_id": "redhat-release-virtualization-host-0:4.4.10-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-release-virtualization-host@4.4.10-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"product": {
"name": "redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"product_id": "redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-virtualization-host@4.4.10-202202081536_8.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch",
"product": {
"name": "redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch",
"product_id": "redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-virtualization-host-image-update-placeholder@4.4.10-1.el8ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libmetalink-0:0.1.3-7.el8.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8",
"product_id": "8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.src"
},
"product_reference": "libmetalink-0:0.1.3-7.el8.src",
"relates_to_product_reference": "8Base-RHV-Hypervisor-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmetalink-0:0.1.3-7.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8",
"product_id": "8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.x86_64"
},
"product_reference": "libmetalink-0:0.1.3-7.el8.x86_64",
"relates_to_product_reference": "8Base-RHV-Hypervisor-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmetalink-debuginfo-0:0.1.3-7.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8",
"product_id": "8Base-RHV-Hypervisor-4:libmetalink-debuginfo-0:0.1.3-7.el8.x86_64"
},
"product_reference": "libmetalink-debuginfo-0:0.1.3-7.el8.x86_64",
"relates_to_product_reference": "8Base-RHV-Hypervisor-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmetalink-debugsource-0:0.1.3-7.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8",
"product_id": "8Base-RHV-Hypervisor-4:libmetalink-debugsource-0:0.1.3-7.el8.x86_64"
},
"product_reference": "libmetalink-debugsource-0:0.1.3-7.el8.x86_64",
"relates_to_product_reference": "8Base-RHV-Hypervisor-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmetalink-devel-0:0.1.3-7.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8",
"product_id": "8Base-RHV-Hypervisor-4:libmetalink-devel-0:0.1.3-7.el8.x86_64"
},
"product_reference": "libmetalink-devel-0:0.1.3-7.el8.x86_64",
"relates_to_product_reference": "8Base-RHV-Hypervisor-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-virtualization-host-0:4.4.10-202202081536_8.5.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8",
"product_id": "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src"
},
"product_reference": "redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"relates_to_product_reference": "8Base-RHV-Hypervisor-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8",
"product_id": "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64"
},
"product_reference": "redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64",
"relates_to_product_reference": "8Base-RHV-Hypervisor-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wget-0:1.19.5-10.el8.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8",
"product_id": "8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.src"
},
"product_reference": "wget-0:1.19.5-10.el8.src",
"relates_to_product_reference": "8Base-RHV-Hypervisor-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wget-0:1.19.5-10.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8",
"product_id": "8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.x86_64"
},
"product_reference": "wget-0:1.19.5-10.el8.x86_64",
"relates_to_product_reference": "8Base-RHV-Hypervisor-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wget-debuginfo-0:1.19.5-10.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8",
"product_id": "8Base-RHV-Hypervisor-4:wget-debuginfo-0:1.19.5-10.el8.x86_64"
},
"product_reference": "wget-debuginfo-0:1.19.5-10.el8.x86_64",
"relates_to_product_reference": "8Base-RHV-Hypervisor-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wget-debugsource-0:1.19.5-10.el8.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8",
"product_id": "8Base-RHV-Hypervisor-4:wget-debugsource-0:1.19.5-10.el8.x86_64"
},
"product_reference": "wget-debugsource-0:1.19.5-10.el8.x86_64",
"relates_to_product_reference": "8Base-RHV-Hypervisor-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-release-virtualization-host-0:4.4.10-1.el8ev.src as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.src"
},
"product_reference": "redhat-release-virtualization-host-0:4.4.10-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-HypervisorBuild-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64 as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64"
},
"product_reference": "redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64",
"relates_to_product_reference": "8Base-RHV-HypervisorBuild-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64 as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64"
},
"product_reference": "redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64",
"relates_to_product_reference": "8Base-RHV-HypervisorBuild-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch"
},
"product_reference": "redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-HypervisorBuild-4"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2021-4034",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-11-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.src",
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debuginfo-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debugsource-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-devel-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.src",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debuginfo-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debugsource-0:1.19.5-10.el8.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.src",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025869"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64"
],
"known_not_affected": [
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.src",
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debuginfo-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debugsource-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-devel-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.src",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debuginfo-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debugsource-0:1.19.5-10.el8.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.src",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4034"
},
{
"category": "external",
"summary": "RHBZ#2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034"
},
{
"category": "external",
"summary": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2022-01-25T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0540"
},
{
"category": "workaround",
"details": "For customers who cannot update immediately and doesn\u0027t have Secure Boot feature enabled, the issue can be mitigated by executing the following steps:\n\n1) Install required systemtap packages and dependencies as per - pointed by https://access.redhat.com/solutions/5441\n\n2) Install polkit debug info:\n ~~~\n debuginfo-install polkit\n ~~~\n\n3) Create the following systemtap script, and name it pkexec-block.stp:\n ~~~\n probe process(\"/usr/bin/pkexec\").function(\"main\") {\n if (cmdline_arg(1) == \"\")\n raise(9);\n}\n~~~\n\n4) Load the systemtap module into the running kernel:\n ~~~\n stap -g -F -m stap_pkexec_block pkexec_block.stp\n ~~~\n\n5) Ensure the module is loaded:\n ~~~\n lsmod | grep -i stap_pkexec_block\nstap_pkexec_block 434176 0\n~~~\n\n6) Once polkit package was updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n ~~~\n rmmod stap_pkexec_block\n ~~~\n\nThis mitigation doesn\u0027t work for Secure Boot enabled system as SystemTap would require an external compiling server to be able to sign the generated kernel module\nwith a key enrolled into the Kernel\u0027s keyring.",
"product_ids": [
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.src",
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debuginfo-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debugsource-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-devel-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.src",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debuginfo-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debugsource-0:1.19.5-10.el8.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.src",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-06-27T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector"
},
{
"acknowledgments": [
{
"names": [
"Kirill Tkhai"
],
"organization": "Virtuozzo Kernel team"
}
],
"cve": "CVE-2021-4155",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2021-12-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.src",
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debuginfo-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debugsource-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-devel-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.src",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debuginfo-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debugsource-0:1.19.5-10.el8.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.src",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034813"
}
],
"notes": [
{
"category": "description",
"text": "A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64"
],
"known_not_affected": [
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.src",
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debuginfo-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debugsource-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-devel-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.src",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debuginfo-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debugsource-0:1.19.5-10.el8.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.src",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4155"
},
{
"category": "external",
"summary": "RHBZ#2034813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4155"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79"
}
],
"release_date": "2022-01-10T06:36:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0540"
},
{
"category": "workaround",
"details": "This issue can be mitigated by ensuring xfs_alloc_file_space is not called with \"0\" as an argument.\n\nThis can be done with a SystemTap script (which resets \"0\" with XFS_BMAPI_PREALLOC), below are the steps:\n\n1) Save the following script in a \u0027CVE-2021-4155.stp\u0027 file\n\n--- On Red Hat Enterprise Linux 6 ---\nprobe module(\"xfs\").function(\"xfs_alloc_file_space\") {\n\tif ($alloc_type == 0)\n\t\t$alloc_type = 0x40;\t# XFS_BMAPI_PREALLOC\n}\n--- On Red Hat Enterprise Linux 6 ---\n\n--- On Red Hat Enterprise Linux 7 onwards ---\nprobe module(\"xfs\").function(\"xfs_alloc_file_space\") {\n\tif ($alloc_type == 0)\n\t\t$alloc_type = 0x8;\t# XFS_BMAPI_PREALLOC\n}\n--- On Red Hat Enterprise Linux 7 onwards ---\n\n2) Install systemtap package and its dependencies\n\n # yum install -y systemtap systemtap-runtime\n # yum install -y kernel-devel kernel-debuginfo\n\n3) Build the mitigation kernel module as root.\n\n # stap -r `uname -r` -m cve_2021_4155.ko -g CVE-2021-4155.stp -p4\n\n4) Load the mitigation module as root\n\n # staprun -L cve_2021_4155.ko\n\n\n\nWhat is SystemTap and how to use it?\nhttps://access.redhat.com/solutions/5441",
"product_ids": [
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.src",
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debuginfo-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debugsource-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-devel-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.src",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debuginfo-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debugsource-0:1.19.5-10.el8.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.src",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL"
},
{
"cve": "CVE-2021-45417",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-01-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.src",
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debuginfo-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debugsource-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-devel-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.src",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debuginfo-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debugsource-0:1.19.5-10.el8.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.src",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2041489"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in the base64 functions of AIDE, an advanced intrusion detection system. An attacker could crash the program and possibly execute arbitrary code through large (\u003c16k) extended file attributes or ACL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "aide: heap-based buffer overflow on outputs larger than B64_BUF",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64"
],
"known_not_affected": [
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.src",
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debuginfo-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debugsource-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-devel-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.src",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debuginfo-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debugsource-0:1.19.5-10.el8.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.src",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45417"
},
{
"category": "external",
"summary": "RHBZ#2041489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041489"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45417",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45417"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45417",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45417"
}
],
"release_date": "2022-01-20T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0540"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "aide: heap-based buffer overflow on outputs larger than B64_BUF"
},
{
"acknowledgments": [
{
"names": [
"William Liu"
],
"organization": "willsroot@protonmail.com"
},
{
"names": [
"Jamie Hill-Daniel"
],
"organization": "jamie@hill-daniel.co.uk"
},
{
"names": [
"Isaac Badipe"
],
"organization": "isaac.badipe@gmail.com"
},
{
"names": [
"Alec Petridis"
],
"organization": "alecthechop@gmail.com"
},
{
"names": [
"Hrvoje Mi\u0161eti\u0107"
],
"organization": "misetichrvoje@gmail.com"
},
{
"names": [
"Philip Papurt"
],
"organization": "g@gnk.io"
}
],
"cve": "CVE-2022-0185",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"discovery_date": "2022-01-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.src",
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debuginfo-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debugsource-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-devel-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.src",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debuginfo-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debugsource-0:1.19.5-10.el8.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.src",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2040358"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fs_context: heap overflow in legacy parameter handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 8.4 GA onwards. Previous Red Hat Enterprise Linux versions are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64"
],
"known_not_affected": [
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.src",
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debuginfo-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debugsource-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-devel-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.src",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debuginfo-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debugsource-0:1.19.5-10.el8.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.src",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0185"
},
{
"category": "external",
"summary": "RHBZ#2040358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0185",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0185"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0185",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0185"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2"
},
{
"category": "external",
"summary": "https://github.com/Crusaders-of-Rust/CVE-2022-0185",
"url": "https://github.com/Crusaders-of-Rust/CVE-2022-0185"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/01/18/7",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/7"
},
{
"category": "external",
"summary": "https://www.willsroot.io/2022/01/cve-2022-0185.html",
"url": "https://www.willsroot.io/2022/01/cve-2022-0185.html"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2022-01-18T18:41:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0540"
},
{
"category": "workaround",
"details": "On non-containerized deployments of Red Hat Enterprise Linux 8, you can disable user namespaces by setting user.max_user_namespaces to 0:\n\n# echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf\n\nOn containerized deployments, such as Red Hat OpenShift Container Platform, do not use this mitigation as the functionality is needed to be enabled.",
"product_ids": [
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.src",
"8Base-RHV-Hypervisor-4:libmetalink-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debuginfo-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-debugsource-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:libmetalink-devel-0:0.1.3-7.el8.x86_64",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.src",
"8Base-RHV-Hypervisor-4:wget-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debuginfo-0:1.19.5-10.el8.x86_64",
"8Base-RHV-Hypervisor-4:wget-debugsource-0:1.19.5-10.el8.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.src",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.10-1.el8ev.x86_64",
"8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.10-1.el8ev.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.10-202202081536_8.5.src",
"8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.10-202202081536_8.5.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2024-08-21T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: fs_context: heap overflow in legacy parameter handling"
}
]
}
rhsa-2022_0268
Vulnerability from csaf_redhat
Published
2022-01-25 18:04
Modified
2024-09-13 17:32
Summary
Red Hat Security Advisory: polkit security update
Notes
Topic
An update for polkit is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.
Security Fix(es):
* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for polkit is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.\n\nSecurity Fix(es):\n\n* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0268",
"url": "https://access.redhat.com/errata/RHSA-2022:0268"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"category": "external",
"summary": "2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0268.json"
}
],
"title": "Red Hat Security Advisory: polkit security update",
"tracking": {
"current_release_date": "2024-09-13T17:32:20+00:00",
"generator": {
"date": "2024-09-13T17:32:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0268",
"initial_release_date": "2022-01-25T18:04:56+00:00",
"revision_history": [
{
"date": "2022-01-25T18:04:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-25T18:04:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T17:32:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:8.1::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-9.el8_1.2.src",
"product": {
"name": "polkit-0:0.115-9.el8_1.2.src",
"product_id": "polkit-0:0.115-9.el8_1.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-9.el8_1.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-9.el8_1.2.ppc64le",
"product": {
"name": "polkit-0:0.115-9.el8_1.2.ppc64le",
"product_id": "polkit-0:0.115-9.el8_1.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-9.el8_1.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.115-9.el8_1.2.ppc64le",
"product": {
"name": "polkit-devel-0:0.115-9.el8_1.2.ppc64le",
"product_id": "polkit-devel-0:0.115-9.el8_1.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-9.el8_1.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-9.el8_1.2.ppc64le",
"product": {
"name": "polkit-libs-0:0.115-9.el8_1.2.ppc64le",
"product_id": "polkit-libs-0:0.115-9.el8_1.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-9.el8_1.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-9.el8_1.2.ppc64le",
"product": {
"name": "polkit-debugsource-0:0.115-9.el8_1.2.ppc64le",
"product_id": "polkit-debugsource-0:0.115-9.el8_1.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-9.el8_1.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"product": {
"name": "polkit-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"product_id": "polkit-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-9.el8_1.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"product_id": "polkit-libs-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-9.el8_1.2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-9.el8_1.2.x86_64",
"product": {
"name": "polkit-0:0.115-9.el8_1.2.x86_64",
"product_id": "polkit-0:0.115-9.el8_1.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-9.el8_1.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.115-9.el8_1.2.x86_64",
"product": {
"name": "polkit-devel-0:0.115-9.el8_1.2.x86_64",
"product_id": "polkit-devel-0:0.115-9.el8_1.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-9.el8_1.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-9.el8_1.2.x86_64",
"product": {
"name": "polkit-libs-0:0.115-9.el8_1.2.x86_64",
"product_id": "polkit-libs-0:0.115-9.el8_1.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-9.el8_1.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-9.el8_1.2.x86_64",
"product": {
"name": "polkit-debugsource-0:0.115-9.el8_1.2.x86_64",
"product_id": "polkit-debugsource-0:0.115-9.el8_1.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-9.el8_1.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-9.el8_1.2.x86_64",
"product": {
"name": "polkit-debuginfo-0:0.115-9.el8_1.2.x86_64",
"product_id": "polkit-debuginfo-0:0.115-9.el8_1.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-9.el8_1.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-9.el8_1.2.x86_64",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-9.el8_1.2.x86_64",
"product_id": "polkit-libs-debuginfo-0:0.115-9.el8_1.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-9.el8_1.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-devel-0:0.115-9.el8_1.2.i686",
"product": {
"name": "polkit-devel-0:0.115-9.el8_1.2.i686",
"product_id": "polkit-devel-0:0.115-9.el8_1.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-9.el8_1.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-9.el8_1.2.i686",
"product": {
"name": "polkit-libs-0:0.115-9.el8_1.2.i686",
"product_id": "polkit-libs-0:0.115-9.el8_1.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-9.el8_1.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-9.el8_1.2.i686",
"product": {
"name": "polkit-debugsource-0:0.115-9.el8_1.2.i686",
"product_id": "polkit-debugsource-0:0.115-9.el8_1.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-9.el8_1.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-9.el8_1.2.i686",
"product": {
"name": "polkit-debuginfo-0:0.115-9.el8_1.2.i686",
"product_id": "polkit-debuginfo-0:0.115-9.el8_1.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-9.el8_1.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-9.el8_1.2.i686",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-9.el8_1.2.i686",
"product_id": "polkit-libs-debuginfo-0:0.115-9.el8_1.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-9.el8_1.2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-docs-0:0.115-9.el8_1.2.noarch",
"product": {
"name": "polkit-docs-0:0.115-9.el8_1.2.noarch",
"product_id": "polkit-docs-0:0.115-9.el8_1.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-docs@0.115-9.el8_1.2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-9.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-0:0.115-9.el8_1.2.ppc64le"
},
"product_reference": "polkit-0:0.115-9.el8_1.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-9.el8_1.2.src as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-0:0.115-9.el8_1.2.src"
},
"product_reference": "polkit-0:0.115-9.el8_1.2.src",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-9.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-0:0.115-9.el8_1.2.x86_64"
},
"product_reference": "polkit-0:0.115-9.el8_1.2.x86_64",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-9.el8_1.2.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-debuginfo-0:0.115-9.el8_1.2.i686"
},
"product_reference": "polkit-debuginfo-0:0.115-9.el8_1.2.i686",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-9.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-debuginfo-0:0.115-9.el8_1.2.ppc64le"
},
"product_reference": "polkit-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-9.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-debuginfo-0:0.115-9.el8_1.2.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.115-9.el8_1.2.x86_64",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-9.el8_1.2.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-debugsource-0:0.115-9.el8_1.2.i686"
},
"product_reference": "polkit-debugsource-0:0.115-9.el8_1.2.i686",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-9.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-debugsource-0:0.115-9.el8_1.2.ppc64le"
},
"product_reference": "polkit-debugsource-0:0.115-9.el8_1.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-9.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-debugsource-0:0.115-9.el8_1.2.x86_64"
},
"product_reference": "polkit-debugsource-0:0.115-9.el8_1.2.x86_64",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-9.el8_1.2.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-devel-0:0.115-9.el8_1.2.i686"
},
"product_reference": "polkit-devel-0:0.115-9.el8_1.2.i686",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-9.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-devel-0:0.115-9.el8_1.2.ppc64le"
},
"product_reference": "polkit-devel-0:0.115-9.el8_1.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-9.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-devel-0:0.115-9.el8_1.2.x86_64"
},
"product_reference": "polkit-devel-0:0.115-9.el8_1.2.x86_64",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.115-9.el8_1.2.noarch as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-docs-0:0.115-9.el8_1.2.noarch"
},
"product_reference": "polkit-docs-0:0.115-9.el8_1.2.noarch",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-9.el8_1.2.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-libs-0:0.115-9.el8_1.2.i686"
},
"product_reference": "polkit-libs-0:0.115-9.el8_1.2.i686",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-9.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-libs-0:0.115-9.el8_1.2.ppc64le"
},
"product_reference": "polkit-libs-0:0.115-9.el8_1.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-9.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-libs-0:0.115-9.el8_1.2.x86_64"
},
"product_reference": "polkit-libs-0:0.115-9.el8_1.2.x86_64",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-9.el8_1.2.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-libs-debuginfo-0:0.115-9.el8_1.2.i686"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-9.el8_1.2.i686",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-9.el8_1.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-libs-debuginfo-0:0.115-9.el8_1.2.ppc64le"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-9.el8_1.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.1)",
"product_id": "BaseOS-8.1.0.Z.E4S:polkit-libs-debuginfo-0:0.115-9.el8_1.2.x86_64"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-9.el8_1.2.x86_64",
"relates_to_product_reference": "BaseOS-8.1.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2021-4034",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025869"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.1.0.Z.E4S:polkit-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-0:0.115-9.el8_1.2.src",
"BaseOS-8.1.0.Z.E4S:polkit-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-debuginfo-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-debuginfo-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-debugsource-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-debugsource-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-debugsource-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-devel-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-devel-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-devel-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-docs-0:0.115-9.el8_1.2.noarch",
"BaseOS-8.1.0.Z.E4S:polkit-libs-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-libs-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-libs-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-libs-debuginfo-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-libs-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-libs-debuginfo-0:0.115-9.el8_1.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4034"
},
{
"category": "external",
"summary": "RHBZ#2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034"
},
{
"category": "external",
"summary": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2022-01-25T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.1.0.Z.E4S:polkit-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-0:0.115-9.el8_1.2.src",
"BaseOS-8.1.0.Z.E4S:polkit-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-debuginfo-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-debuginfo-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-debugsource-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-debugsource-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-debugsource-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-devel-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-devel-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-devel-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-docs-0:0.115-9.el8_1.2.noarch",
"BaseOS-8.1.0.Z.E4S:polkit-libs-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-libs-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-libs-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-libs-debuginfo-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-libs-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-libs-debuginfo-0:0.115-9.el8_1.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0268"
},
{
"category": "workaround",
"details": "For customers who cannot update immediately and doesn\u0027t have Secure Boot feature enabled, the issue can be mitigated by executing the following steps:\n\n1) Install required systemtap packages and dependencies as per - pointed by https://access.redhat.com/solutions/5441\n\n2) Install polkit debug info:\n ~~~\n debuginfo-install polkit\n ~~~\n\n3) Create the following systemtap script, and name it pkexec-block.stp:\n ~~~\n probe process(\"/usr/bin/pkexec\").function(\"main\") {\n if (cmdline_arg(1) == \"\")\n raise(9);\n}\n~~~\n\n4) Load the systemtap module into the running kernel:\n ~~~\n stap -g -F -m stap_pkexec_block pkexec_block.stp\n ~~~\n\n5) Ensure the module is loaded:\n ~~~\n lsmod | grep -i stap_pkexec_block\nstap_pkexec_block 434176 0\n~~~\n\n6) Once polkit package was updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n ~~~\n rmmod stap_pkexec_block\n ~~~\n\nThis mitigation doesn\u0027t work for Secure Boot enabled system as SystemTap would require an external compiling server to be able to sign the generated kernel module\nwith a key enrolled into the Kernel\u0027s keyring.",
"product_ids": [
"BaseOS-8.1.0.Z.E4S:polkit-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-0:0.115-9.el8_1.2.src",
"BaseOS-8.1.0.Z.E4S:polkit-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-debuginfo-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-debuginfo-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-debugsource-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-debugsource-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-debugsource-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-devel-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-devel-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-devel-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-docs-0:0.115-9.el8_1.2.noarch",
"BaseOS-8.1.0.Z.E4S:polkit-libs-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-libs-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-libs-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-libs-debuginfo-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-libs-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-libs-debuginfo-0:0.115-9.el8_1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.1.0.Z.E4S:polkit-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-0:0.115-9.el8_1.2.src",
"BaseOS-8.1.0.Z.E4S:polkit-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-debuginfo-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-debuginfo-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-debugsource-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-debugsource-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-debugsource-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-devel-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-devel-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-devel-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-docs-0:0.115-9.el8_1.2.noarch",
"BaseOS-8.1.0.Z.E4S:polkit-libs-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-libs-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-libs-0:0.115-9.el8_1.2.x86_64",
"BaseOS-8.1.0.Z.E4S:polkit-libs-debuginfo-0:0.115-9.el8_1.2.i686",
"BaseOS-8.1.0.Z.E4S:polkit-libs-debuginfo-0:0.115-9.el8_1.2.ppc64le",
"BaseOS-8.1.0.Z.E4S:polkit-libs-debuginfo-0:0.115-9.el8_1.2.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-06-27T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector"
}
]
}
rhsa-2022_0266
Vulnerability from csaf_redhat
Published
2022-01-25 18:15
Modified
2024-09-13 17:32
Summary
Red Hat Security Advisory: polkit security update
Notes
Topic
An update for polkit is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.
Security Fix(es):
* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for polkit is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.\n\nSecurity Fix(es):\n\n* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0266",
"url": "https://access.redhat.com/errata/RHSA-2022:0266"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"category": "external",
"summary": "2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0266.json"
}
],
"title": "Red Hat Security Advisory: polkit security update",
"tracking": {
"current_release_date": "2024-09-13T17:32:48+00:00",
"generator": {
"date": "2024-09-13T17:32:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0266",
"initial_release_date": "2022-01-25T18:15:24+00:00",
"revision_history": [
{
"date": "2022-01-25T18:15:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-25T18:15:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T17:32:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:8.4::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-11.el8_4.2.src",
"product": {
"name": "polkit-0:0.115-11.el8_4.2.src",
"product_id": "polkit-0:0.115-11.el8_4.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-11.el8_4.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-11.el8_4.2.aarch64",
"product": {
"name": "polkit-0:0.115-11.el8_4.2.aarch64",
"product_id": "polkit-0:0.115-11.el8_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-11.el8_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.115-11.el8_4.2.aarch64",
"product": {
"name": "polkit-devel-0:0.115-11.el8_4.2.aarch64",
"product_id": "polkit-devel-0:0.115-11.el8_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-11.el8_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-11.el8_4.2.aarch64",
"product": {
"name": "polkit-libs-0:0.115-11.el8_4.2.aarch64",
"product_id": "polkit-libs-0:0.115-11.el8_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-11.el8_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-11.el8_4.2.aarch64",
"product": {
"name": "polkit-debugsource-0:0.115-11.el8_4.2.aarch64",
"product_id": "polkit-debugsource-0:0.115-11.el8_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-11.el8_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-11.el8_4.2.aarch64",
"product": {
"name": "polkit-debuginfo-0:0.115-11.el8_4.2.aarch64",
"product_id": "polkit-debuginfo-0:0.115-11.el8_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-11.el8_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.aarch64",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.aarch64",
"product_id": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-11.el8_4.2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-11.el8_4.2.ppc64le",
"product": {
"name": "polkit-0:0.115-11.el8_4.2.ppc64le",
"product_id": "polkit-0:0.115-11.el8_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-11.el8_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.115-11.el8_4.2.ppc64le",
"product": {
"name": "polkit-devel-0:0.115-11.el8_4.2.ppc64le",
"product_id": "polkit-devel-0:0.115-11.el8_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-11.el8_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-11.el8_4.2.ppc64le",
"product": {
"name": "polkit-libs-0:0.115-11.el8_4.2.ppc64le",
"product_id": "polkit-libs-0:0.115-11.el8_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-11.el8_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-11.el8_4.2.ppc64le",
"product": {
"name": "polkit-debugsource-0:0.115-11.el8_4.2.ppc64le",
"product_id": "polkit-debugsource-0:0.115-11.el8_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-11.el8_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"product": {
"name": "polkit-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"product_id": "polkit-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-11.el8_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"product_id": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-11.el8_4.2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-11.el8_4.2.x86_64",
"product": {
"name": "polkit-0:0.115-11.el8_4.2.x86_64",
"product_id": "polkit-0:0.115-11.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-11.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.115-11.el8_4.2.x86_64",
"product": {
"name": "polkit-devel-0:0.115-11.el8_4.2.x86_64",
"product_id": "polkit-devel-0:0.115-11.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-11.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-11.el8_4.2.x86_64",
"product": {
"name": "polkit-libs-0:0.115-11.el8_4.2.x86_64",
"product_id": "polkit-libs-0:0.115-11.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-11.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-11.el8_4.2.x86_64",
"product": {
"name": "polkit-debugsource-0:0.115-11.el8_4.2.x86_64",
"product_id": "polkit-debugsource-0:0.115-11.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-11.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-11.el8_4.2.x86_64",
"product": {
"name": "polkit-debuginfo-0:0.115-11.el8_4.2.x86_64",
"product_id": "polkit-debuginfo-0:0.115-11.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-11.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.x86_64",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.x86_64",
"product_id": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-11.el8_4.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-devel-0:0.115-11.el8_4.2.i686",
"product": {
"name": "polkit-devel-0:0.115-11.el8_4.2.i686",
"product_id": "polkit-devel-0:0.115-11.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-11.el8_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-11.el8_4.2.i686",
"product": {
"name": "polkit-libs-0:0.115-11.el8_4.2.i686",
"product_id": "polkit-libs-0:0.115-11.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-11.el8_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-11.el8_4.2.i686",
"product": {
"name": "polkit-debugsource-0:0.115-11.el8_4.2.i686",
"product_id": "polkit-debugsource-0:0.115-11.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-11.el8_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-11.el8_4.2.i686",
"product": {
"name": "polkit-debuginfo-0:0.115-11.el8_4.2.i686",
"product_id": "polkit-debuginfo-0:0.115-11.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-11.el8_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.i686",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.i686",
"product_id": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-11.el8_4.2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-11.el8_4.2.s390x",
"product": {
"name": "polkit-0:0.115-11.el8_4.2.s390x",
"product_id": "polkit-0:0.115-11.el8_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-11.el8_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.115-11.el8_4.2.s390x",
"product": {
"name": "polkit-devel-0:0.115-11.el8_4.2.s390x",
"product_id": "polkit-devel-0:0.115-11.el8_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-11.el8_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-11.el8_4.2.s390x",
"product": {
"name": "polkit-libs-0:0.115-11.el8_4.2.s390x",
"product_id": "polkit-libs-0:0.115-11.el8_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-11.el8_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-11.el8_4.2.s390x",
"product": {
"name": "polkit-debugsource-0:0.115-11.el8_4.2.s390x",
"product_id": "polkit-debugsource-0:0.115-11.el8_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-11.el8_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-11.el8_4.2.s390x",
"product": {
"name": "polkit-debuginfo-0:0.115-11.el8_4.2.s390x",
"product_id": "polkit-debuginfo-0:0.115-11.el8_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-11.el8_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.s390x",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.s390x",
"product_id": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-11.el8_4.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-docs-0:0.115-11.el8_4.2.noarch",
"product": {
"name": "polkit-docs-0:0.115-11.el8_4.2.noarch",
"product_id": "polkit-docs-0:0.115-11.el8_4.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-docs@0.115-11.el8_4.2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-11.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.aarch64"
},
"product_reference": "polkit-0:0.115-11.el8_4.2.aarch64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-11.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.ppc64le"
},
"product_reference": "polkit-0:0.115-11.el8_4.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-11.el8_4.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.s390x"
},
"product_reference": "polkit-0:0.115-11.el8_4.2.s390x",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-11.el8_4.2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.src"
},
"product_reference": "polkit-0:0.115-11.el8_4.2.src",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-11.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.x86_64"
},
"product_reference": "polkit-0:0.115-11.el8_4.2.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-11.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.aarch64"
},
"product_reference": "polkit-debuginfo-0:0.115-11.el8_4.2.aarch64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-11.el8_4.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.i686"
},
"product_reference": "polkit-debuginfo-0:0.115-11.el8_4.2.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-11.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.ppc64le"
},
"product_reference": "polkit-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-11.el8_4.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.s390x"
},
"product_reference": "polkit-debuginfo-0:0.115-11.el8_4.2.s390x",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-11.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.115-11.el8_4.2.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-11.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.aarch64"
},
"product_reference": "polkit-debugsource-0:0.115-11.el8_4.2.aarch64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-11.el8_4.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.i686"
},
"product_reference": "polkit-debugsource-0:0.115-11.el8_4.2.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-11.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.ppc64le"
},
"product_reference": "polkit-debugsource-0:0.115-11.el8_4.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-11.el8_4.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.s390x"
},
"product_reference": "polkit-debugsource-0:0.115-11.el8_4.2.s390x",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-11.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.x86_64"
},
"product_reference": "polkit-debugsource-0:0.115-11.el8_4.2.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-11.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.aarch64"
},
"product_reference": "polkit-devel-0:0.115-11.el8_4.2.aarch64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-11.el8_4.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.i686"
},
"product_reference": "polkit-devel-0:0.115-11.el8_4.2.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-11.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.ppc64le"
},
"product_reference": "polkit-devel-0:0.115-11.el8_4.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-11.el8_4.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.s390x"
},
"product_reference": "polkit-devel-0:0.115-11.el8_4.2.s390x",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-11.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.x86_64"
},
"product_reference": "polkit-devel-0:0.115-11.el8_4.2.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.115-11.el8_4.2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-docs-0:0.115-11.el8_4.2.noarch"
},
"product_reference": "polkit-docs-0:0.115-11.el8_4.2.noarch",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-11.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.aarch64"
},
"product_reference": "polkit-libs-0:0.115-11.el8_4.2.aarch64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-11.el8_4.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.i686"
},
"product_reference": "polkit-libs-0:0.115-11.el8_4.2.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-11.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.ppc64le"
},
"product_reference": "polkit-libs-0:0.115-11.el8_4.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-11.el8_4.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.s390x"
},
"product_reference": "polkit-libs-0:0.115-11.el8_4.2.s390x",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-11.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.x86_64"
},
"product_reference": "polkit-libs-0:0.115-11.el8_4.2.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.aarch64"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.aarch64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.i686"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.ppc64le"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.s390x"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.s390x",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.x86_64"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-11.el8_4.2.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2021-4034",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025869"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.src",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-docs-0:0.115-11.el8_4.2.noarch",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4034"
},
{
"category": "external",
"summary": "RHBZ#2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034"
},
{
"category": "external",
"summary": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2022-01-25T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.src",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-docs-0:0.115-11.el8_4.2.noarch",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0266"
},
{
"category": "workaround",
"details": "For customers who cannot update immediately and doesn\u0027t have Secure Boot feature enabled, the issue can be mitigated by executing the following steps:\n\n1) Install required systemtap packages and dependencies as per - pointed by https://access.redhat.com/solutions/5441\n\n2) Install polkit debug info:\n ~~~\n debuginfo-install polkit\n ~~~\n\n3) Create the following systemtap script, and name it pkexec-block.stp:\n ~~~\n probe process(\"/usr/bin/pkexec\").function(\"main\") {\n if (cmdline_arg(1) == \"\")\n raise(9);\n}\n~~~\n\n4) Load the systemtap module into the running kernel:\n ~~~\n stap -g -F -m stap_pkexec_block pkexec_block.stp\n ~~~\n\n5) Ensure the module is loaded:\n ~~~\n lsmod | grep -i stap_pkexec_block\nstap_pkexec_block 434176 0\n~~~\n\n6) Once polkit package was updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n ~~~\n rmmod stap_pkexec_block\n ~~~\n\nThis mitigation doesn\u0027t work for Secure Boot enabled system as SystemTap would require an external compiling server to be able to sign the generated kernel module\nwith a key enrolled into the Kernel\u0027s keyring.",
"product_ids": [
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.src",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-docs-0:0.115-11.el8_4.2.noarch",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.src",
"BaseOS-8.4.0.Z.EUS:polkit-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-debuginfo-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-debugsource-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-devel-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-docs-0:0.115-11.el8_4.2.noarch",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-libs-0:0.115-11.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.i686",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.s390x",
"BaseOS-8.4.0.Z.EUS:polkit-libs-debuginfo-0:0.115-11.el8_4.2.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-06-27T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector"
}
]
}
rhsa-2022_0267
Vulnerability from csaf_redhat
Published
2022-01-25 19:47
Modified
2024-09-13 17:31
Summary
Red Hat Security Advisory: polkit security update
Notes
Topic
An update for polkit is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.
Security Fix(es):
* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for polkit is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.\n\nSecurity Fix(es):\n\n* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0267",
"url": "https://access.redhat.com/errata/RHSA-2022:0267"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"category": "external",
"summary": "2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0267.json"
}
],
"title": "Red Hat Security Advisory: polkit security update",
"tracking": {
"current_release_date": "2024-09-13T17:31:48+00:00",
"generator": {
"date": "2024-09-13T17:31:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0267",
"initial_release_date": "2022-01-25T19:47:29+00:00",
"revision_history": [
{
"date": "2022-01-25T19:47:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-25T19:47:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T17:31:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-13.el8_5.1.src",
"product": {
"name": "polkit-0:0.115-13.el8_5.1.src",
"product_id": "polkit-0:0.115-13.el8_5.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-13.el8_5.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-13.el8_5.1.aarch64",
"product": {
"name": "polkit-0:0.115-13.el8_5.1.aarch64",
"product_id": "polkit-0:0.115-13.el8_5.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-13.el8_5.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.115-13.el8_5.1.aarch64",
"product": {
"name": "polkit-devel-0:0.115-13.el8_5.1.aarch64",
"product_id": "polkit-devel-0:0.115-13.el8_5.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-13.el8_5.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-13.el8_5.1.aarch64",
"product": {
"name": "polkit-libs-0:0.115-13.el8_5.1.aarch64",
"product_id": "polkit-libs-0:0.115-13.el8_5.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-13.el8_5.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-13.el8_5.1.aarch64",
"product": {
"name": "polkit-debugsource-0:0.115-13.el8_5.1.aarch64",
"product_id": "polkit-debugsource-0:0.115-13.el8_5.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-13.el8_5.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-13.el8_5.1.aarch64",
"product": {
"name": "polkit-debuginfo-0:0.115-13.el8_5.1.aarch64",
"product_id": "polkit-debuginfo-0:0.115-13.el8_5.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-13.el8_5.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.aarch64",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.aarch64",
"product_id": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-13.el8_5.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-13.el8_5.1.ppc64le",
"product": {
"name": "polkit-0:0.115-13.el8_5.1.ppc64le",
"product_id": "polkit-0:0.115-13.el8_5.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-13.el8_5.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.115-13.el8_5.1.ppc64le",
"product": {
"name": "polkit-devel-0:0.115-13.el8_5.1.ppc64le",
"product_id": "polkit-devel-0:0.115-13.el8_5.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-13.el8_5.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-13.el8_5.1.ppc64le",
"product": {
"name": "polkit-libs-0:0.115-13.el8_5.1.ppc64le",
"product_id": "polkit-libs-0:0.115-13.el8_5.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-13.el8_5.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-13.el8_5.1.ppc64le",
"product": {
"name": "polkit-debugsource-0:0.115-13.el8_5.1.ppc64le",
"product_id": "polkit-debugsource-0:0.115-13.el8_5.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-13.el8_5.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"product": {
"name": "polkit-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"product_id": "polkit-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-13.el8_5.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"product_id": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-13.el8_5.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-13.el8_5.1.x86_64",
"product": {
"name": "polkit-0:0.115-13.el8_5.1.x86_64",
"product_id": "polkit-0:0.115-13.el8_5.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-13.el8_5.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.115-13.el8_5.1.x86_64",
"product": {
"name": "polkit-devel-0:0.115-13.el8_5.1.x86_64",
"product_id": "polkit-devel-0:0.115-13.el8_5.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-13.el8_5.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-13.el8_5.1.x86_64",
"product": {
"name": "polkit-libs-0:0.115-13.el8_5.1.x86_64",
"product_id": "polkit-libs-0:0.115-13.el8_5.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-13.el8_5.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-13.el8_5.1.x86_64",
"product": {
"name": "polkit-debugsource-0:0.115-13.el8_5.1.x86_64",
"product_id": "polkit-debugsource-0:0.115-13.el8_5.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-13.el8_5.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-13.el8_5.1.x86_64",
"product": {
"name": "polkit-debuginfo-0:0.115-13.el8_5.1.x86_64",
"product_id": "polkit-debuginfo-0:0.115-13.el8_5.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-13.el8_5.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.x86_64",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.x86_64",
"product_id": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-13.el8_5.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-devel-0:0.115-13.el8_5.1.i686",
"product": {
"name": "polkit-devel-0:0.115-13.el8_5.1.i686",
"product_id": "polkit-devel-0:0.115-13.el8_5.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-13.el8_5.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-13.el8_5.1.i686",
"product": {
"name": "polkit-libs-0:0.115-13.el8_5.1.i686",
"product_id": "polkit-libs-0:0.115-13.el8_5.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-13.el8_5.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-13.el8_5.1.i686",
"product": {
"name": "polkit-debugsource-0:0.115-13.el8_5.1.i686",
"product_id": "polkit-debugsource-0:0.115-13.el8_5.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-13.el8_5.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-13.el8_5.1.i686",
"product": {
"name": "polkit-debuginfo-0:0.115-13.el8_5.1.i686",
"product_id": "polkit-debuginfo-0:0.115-13.el8_5.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-13.el8_5.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.i686",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.i686",
"product_id": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-13.el8_5.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.115-13.el8_5.1.s390x",
"product": {
"name": "polkit-0:0.115-13.el8_5.1.s390x",
"product_id": "polkit-0:0.115-13.el8_5.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.115-13.el8_5.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.115-13.el8_5.1.s390x",
"product": {
"name": "polkit-devel-0:0.115-13.el8_5.1.s390x",
"product_id": "polkit-devel-0:0.115-13.el8_5.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.115-13.el8_5.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-0:0.115-13.el8_5.1.s390x",
"product": {
"name": "polkit-libs-0:0.115-13.el8_5.1.s390x",
"product_id": "polkit-libs-0:0.115-13.el8_5.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs@0.115-13.el8_5.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-debugsource-0:0.115-13.el8_5.1.s390x",
"product": {
"name": "polkit-debugsource-0:0.115-13.el8_5.1.s390x",
"product_id": "polkit-debugsource-0:0.115-13.el8_5.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debugsource@0.115-13.el8_5.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.115-13.el8_5.1.s390x",
"product": {
"name": "polkit-debuginfo-0:0.115-13.el8_5.1.s390x",
"product_id": "polkit-debuginfo-0:0.115-13.el8_5.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.115-13.el8_5.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.s390x",
"product": {
"name": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.s390x",
"product_id": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-libs-debuginfo@0.115-13.el8_5.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-docs-0:0.115-13.el8_5.1.noarch",
"product": {
"name": "polkit-docs-0:0.115-13.el8_5.1.noarch",
"product_id": "polkit-docs-0:0.115-13.el8_5.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-docs@0.115-13.el8_5.1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-13.el8_5.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.aarch64"
},
"product_reference": "polkit-0:0.115-13.el8_5.1.aarch64",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-13.el8_5.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.ppc64le"
},
"product_reference": "polkit-0:0.115-13.el8_5.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-13.el8_5.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.s390x"
},
"product_reference": "polkit-0:0.115-13.el8_5.1.s390x",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-13.el8_5.1.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.src"
},
"product_reference": "polkit-0:0.115-13.el8_5.1.src",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.115-13.el8_5.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.x86_64"
},
"product_reference": "polkit-0:0.115-13.el8_5.1.x86_64",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-13.el8_5.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.aarch64"
},
"product_reference": "polkit-debuginfo-0:0.115-13.el8_5.1.aarch64",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-13.el8_5.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.i686"
},
"product_reference": "polkit-debuginfo-0:0.115-13.el8_5.1.i686",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-13.el8_5.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.ppc64le"
},
"product_reference": "polkit-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-13.el8_5.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.s390x"
},
"product_reference": "polkit-debuginfo-0:0.115-13.el8_5.1.s390x",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.115-13.el8_5.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.115-13.el8_5.1.x86_64",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-13.el8_5.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.aarch64"
},
"product_reference": "polkit-debugsource-0:0.115-13.el8_5.1.aarch64",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-13.el8_5.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.i686"
},
"product_reference": "polkit-debugsource-0:0.115-13.el8_5.1.i686",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-13.el8_5.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.ppc64le"
},
"product_reference": "polkit-debugsource-0:0.115-13.el8_5.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-13.el8_5.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.s390x"
},
"product_reference": "polkit-debugsource-0:0.115-13.el8_5.1.s390x",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debugsource-0:0.115-13.el8_5.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.x86_64"
},
"product_reference": "polkit-debugsource-0:0.115-13.el8_5.1.x86_64",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-13.el8_5.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.aarch64"
},
"product_reference": "polkit-devel-0:0.115-13.el8_5.1.aarch64",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-13.el8_5.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.i686"
},
"product_reference": "polkit-devel-0:0.115-13.el8_5.1.i686",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-13.el8_5.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.ppc64le"
},
"product_reference": "polkit-devel-0:0.115-13.el8_5.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-13.el8_5.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.s390x"
},
"product_reference": "polkit-devel-0:0.115-13.el8_5.1.s390x",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.115-13.el8_5.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.x86_64"
},
"product_reference": "polkit-devel-0:0.115-13.el8_5.1.x86_64",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.115-13.el8_5.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-docs-0:0.115-13.el8_5.1.noarch"
},
"product_reference": "polkit-docs-0:0.115-13.el8_5.1.noarch",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-13.el8_5.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.aarch64"
},
"product_reference": "polkit-libs-0:0.115-13.el8_5.1.aarch64",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-13.el8_5.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.i686"
},
"product_reference": "polkit-libs-0:0.115-13.el8_5.1.i686",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-13.el8_5.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.ppc64le"
},
"product_reference": "polkit-libs-0:0.115-13.el8_5.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-13.el8_5.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.s390x"
},
"product_reference": "polkit-libs-0:0.115-13.el8_5.1.s390x",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-0:0.115-13.el8_5.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.x86_64"
},
"product_reference": "polkit-libs-0:0.115-13.el8_5.1.x86_64",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.aarch64"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.aarch64",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.i686"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.i686",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.ppc64le"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.s390x"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.s390x",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.x86_64"
},
"product_reference": "polkit-libs-debuginfo-0:0.115-13.el8_5.1.x86_64",
"relates_to_product_reference": "BaseOS-8.5.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2021-4034",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025869"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.src",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-docs-0:0.115-13.el8_5.1.noarch",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4034"
},
{
"category": "external",
"summary": "RHBZ#2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034"
},
{
"category": "external",
"summary": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2022-01-25T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.src",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-docs-0:0.115-13.el8_5.1.noarch",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0267"
},
{
"category": "workaround",
"details": "For customers who cannot update immediately and doesn\u0027t have Secure Boot feature enabled, the issue can be mitigated by executing the following steps:\n\n1) Install required systemtap packages and dependencies as per - pointed by https://access.redhat.com/solutions/5441\n\n2) Install polkit debug info:\n ~~~\n debuginfo-install polkit\n ~~~\n\n3) Create the following systemtap script, and name it pkexec-block.stp:\n ~~~\n probe process(\"/usr/bin/pkexec\").function(\"main\") {\n if (cmdline_arg(1) == \"\")\n raise(9);\n}\n~~~\n\n4) Load the systemtap module into the running kernel:\n ~~~\n stap -g -F -m stap_pkexec_block pkexec_block.stp\n ~~~\n\n5) Ensure the module is loaded:\n ~~~\n lsmod | grep -i stap_pkexec_block\nstap_pkexec_block 434176 0\n~~~\n\n6) Once polkit package was updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n ~~~\n rmmod stap_pkexec_block\n ~~~\n\nThis mitigation doesn\u0027t work for Secure Boot enabled system as SystemTap would require an external compiling server to be able to sign the generated kernel module\nwith a key enrolled into the Kernel\u0027s keyring.",
"product_ids": [
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.src",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-docs-0:0.115-13.el8_5.1.noarch",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.src",
"BaseOS-8.5.0.Z.MAIN:polkit-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-debuginfo-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-debugsource-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-devel-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-docs-0:0.115-13.el8_5.1.noarch",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-0:0.115-13.el8_5.1.x86_64",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.aarch64",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.i686",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.ppc64le",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.s390x",
"BaseOS-8.5.0.Z.MAIN:polkit-libs-debuginfo-0:0.115-13.el8_5.1.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-06-27T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector"
}
]
}
rhsa-2022_0273
Vulnerability from csaf_redhat
Published
2022-01-25 19:07
Modified
2024-09-13 17:31
Summary
Red Hat Security Advisory: polkit security update
Notes
Topic
An update for polkit is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.
Security Fix(es):
* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for polkit is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.\n\nSecurity Fix(es):\n\n* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0273",
"url": "https://access.redhat.com/errata/RHSA-2022:0273"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"category": "external",
"summary": "2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0273.json"
}
],
"title": "Red Hat Security Advisory: polkit security update",
"tracking": {
"current_release_date": "2024-09-13T17:31:56+00:00",
"generator": {
"date": "2024-09-13T17:31:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0273",
"initial_release_date": "2022-01-25T19:07:00+00:00",
"revision_history": [
{
"date": "2022-01-25T19:07:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-25T19:07:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T17:31:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.7)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.7)",
"product_id": "7Server-7.7.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server E4S (v. 7.7)",
"product": {
"name": "Red Hat Enterprise Linux Server E4S (v. 7.7)",
"product_id": "7Server-7.7.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:7.7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server TUS (v. 7.7)",
"product": {
"name": "Red Hat Enterprise Linux Server TUS (v. 7.7)",
"product_id": "7Server-7.7.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:7.7::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-22.el7_7.2.src",
"product": {
"name": "polkit-0:0.112-22.el7_7.2.src",
"product_id": "polkit-0:0.112-22.el7_7.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-22.el7_7.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-22.el7_7.2.x86_64",
"product": {
"name": "polkit-0:0.112-22.el7_7.2.x86_64",
"product_id": "polkit-0:0.112-22.el7_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-22.el7_7.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-22.el7_7.2.x86_64",
"product": {
"name": "polkit-devel-0:0.112-22.el7_7.2.x86_64",
"product_id": "polkit-devel-0:0.112-22.el7_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-22.el7_7.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"product": {
"name": "polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"product_id": "polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-22.el7_7.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-22.el7_7.2.i686",
"product": {
"name": "polkit-0:0.112-22.el7_7.2.i686",
"product_id": "polkit-0:0.112-22.el7_7.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-22.el7_7.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-22.el7_7.2.i686",
"product": {
"name": "polkit-devel-0:0.112-22.el7_7.2.i686",
"product_id": "polkit-devel-0:0.112-22.el7_7.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-22.el7_7.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"product": {
"name": "polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"product_id": "polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-22.el7_7.2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-docs-0:0.112-22.el7_7.2.noarch",
"product": {
"name": "polkit-docs-0:0.112-22.el7_7.2.noarch",
"product_id": "polkit-docs-0:0.112-22.el7_7.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-docs@0.112-22.el7_7.2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-22.el7_7.2.ppc64le",
"product": {
"name": "polkit-0:0.112-22.el7_7.2.ppc64le",
"product_id": "polkit-0:0.112-22.el7_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-22.el7_7.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-22.el7_7.2.ppc64le",
"product": {
"name": "polkit-devel-0:0.112-22.el7_7.2.ppc64le",
"product_id": "polkit-devel-0:0.112-22.el7_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-22.el7_7.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-22.el7_7.2.ppc64le",
"product": {
"name": "polkit-debuginfo-0:0.112-22.el7_7.2.ppc64le",
"product_id": "polkit-debuginfo-0:0.112-22.el7_7.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-22.el7_7.2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-22.el7_7.2.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)",
"product_id": "7Server-7.7.AUS:polkit-0:0.112-22.el7_7.2.i686"
},
"product_reference": "polkit-0:0.112-22.el7_7.2.i686",
"relates_to_product_reference": "7Server-7.7.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-22.el7_7.2.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)",
"product_id": "7Server-7.7.AUS:polkit-0:0.112-22.el7_7.2.src"
},
"product_reference": "polkit-0:0.112-22.el7_7.2.src",
"relates_to_product_reference": "7Server-7.7.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-22.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)",
"product_id": "7Server-7.7.AUS:polkit-0:0.112-22.el7_7.2.x86_64"
},
"product_reference": "polkit-0:0.112-22.el7_7.2.x86_64",
"relates_to_product_reference": "7Server-7.7.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-22.el7_7.2.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)",
"product_id": "7Server-7.7.AUS:polkit-debuginfo-0:0.112-22.el7_7.2.i686"
},
"product_reference": "polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"relates_to_product_reference": "7Server-7.7.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-22.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)",
"product_id": "7Server-7.7.AUS:polkit-debuginfo-0:0.112-22.el7_7.2.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"relates_to_product_reference": "7Server-7.7.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-22.el7_7.2.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)",
"product_id": "7Server-7.7.AUS:polkit-devel-0:0.112-22.el7_7.2.i686"
},
"product_reference": "polkit-devel-0:0.112-22.el7_7.2.i686",
"relates_to_product_reference": "7Server-7.7.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-22.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)",
"product_id": "7Server-7.7.AUS:polkit-devel-0:0.112-22.el7_7.2.x86_64"
},
"product_reference": "polkit-devel-0:0.112-22.el7_7.2.x86_64",
"relates_to_product_reference": "7Server-7.7.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.112-22.el7_7.2.noarch as a component of Red Hat Enterprise Linux Server AUS (v. 7.7)",
"product_id": "7Server-7.7.AUS:polkit-docs-0:0.112-22.el7_7.2.noarch"
},
"product_reference": "polkit-docs-0:0.112-22.el7_7.2.noarch",
"relates_to_product_reference": "7Server-7.7.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-22.el7_7.2.i686 as a component of Red Hat Enterprise Linux Server E4S (v. 7.7)",
"product_id": "7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.i686"
},
"product_reference": "polkit-0:0.112-22.el7_7.2.i686",
"relates_to_product_reference": "7Server-7.7.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-22.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.7)",
"product_id": "7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.ppc64le"
},
"product_reference": "polkit-0:0.112-22.el7_7.2.ppc64le",
"relates_to_product_reference": "7Server-7.7.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-22.el7_7.2.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.7)",
"product_id": "7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.src"
},
"product_reference": "polkit-0:0.112-22.el7_7.2.src",
"relates_to_product_reference": "7Server-7.7.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-22.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.7)",
"product_id": "7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.x86_64"
},
"product_reference": "polkit-0:0.112-22.el7_7.2.x86_64",
"relates_to_product_reference": "7Server-7.7.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-22.el7_7.2.i686 as a component of Red Hat Enterprise Linux Server E4S (v. 7.7)",
"product_id": "7Server-7.7.E4S:polkit-debuginfo-0:0.112-22.el7_7.2.i686"
},
"product_reference": "polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"relates_to_product_reference": "7Server-7.7.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-22.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.7)",
"product_id": "7Server-7.7.E4S:polkit-debuginfo-0:0.112-22.el7_7.2.ppc64le"
},
"product_reference": "polkit-debuginfo-0:0.112-22.el7_7.2.ppc64le",
"relates_to_product_reference": "7Server-7.7.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-22.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.7)",
"product_id": "7Server-7.7.E4S:polkit-debuginfo-0:0.112-22.el7_7.2.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"relates_to_product_reference": "7Server-7.7.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-22.el7_7.2.i686 as a component of Red Hat Enterprise Linux Server E4S (v. 7.7)",
"product_id": "7Server-7.7.E4S:polkit-devel-0:0.112-22.el7_7.2.i686"
},
"product_reference": "polkit-devel-0:0.112-22.el7_7.2.i686",
"relates_to_product_reference": "7Server-7.7.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-22.el7_7.2.ppc64le as a component of Red Hat Enterprise Linux Server E4S (v. 7.7)",
"product_id": "7Server-7.7.E4S:polkit-devel-0:0.112-22.el7_7.2.ppc64le"
},
"product_reference": "polkit-devel-0:0.112-22.el7_7.2.ppc64le",
"relates_to_product_reference": "7Server-7.7.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-22.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.7)",
"product_id": "7Server-7.7.E4S:polkit-devel-0:0.112-22.el7_7.2.x86_64"
},
"product_reference": "polkit-devel-0:0.112-22.el7_7.2.x86_64",
"relates_to_product_reference": "7Server-7.7.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.112-22.el7_7.2.noarch as a component of Red Hat Enterprise Linux Server E4S (v. 7.7)",
"product_id": "7Server-7.7.E4S:polkit-docs-0:0.112-22.el7_7.2.noarch"
},
"product_reference": "polkit-docs-0:0.112-22.el7_7.2.noarch",
"relates_to_product_reference": "7Server-7.7.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-22.el7_7.2.i686 as a component of Red Hat Enterprise Linux Server TUS (v. 7.7)",
"product_id": "7Server-7.7.TUS:polkit-0:0.112-22.el7_7.2.i686"
},
"product_reference": "polkit-0:0.112-22.el7_7.2.i686",
"relates_to_product_reference": "7Server-7.7.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-22.el7_7.2.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.7)",
"product_id": "7Server-7.7.TUS:polkit-0:0.112-22.el7_7.2.src"
},
"product_reference": "polkit-0:0.112-22.el7_7.2.src",
"relates_to_product_reference": "7Server-7.7.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-22.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.7)",
"product_id": "7Server-7.7.TUS:polkit-0:0.112-22.el7_7.2.x86_64"
},
"product_reference": "polkit-0:0.112-22.el7_7.2.x86_64",
"relates_to_product_reference": "7Server-7.7.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-22.el7_7.2.i686 as a component of Red Hat Enterprise Linux Server TUS (v. 7.7)",
"product_id": "7Server-7.7.TUS:polkit-debuginfo-0:0.112-22.el7_7.2.i686"
},
"product_reference": "polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"relates_to_product_reference": "7Server-7.7.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-22.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.7)",
"product_id": "7Server-7.7.TUS:polkit-debuginfo-0:0.112-22.el7_7.2.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"relates_to_product_reference": "7Server-7.7.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-22.el7_7.2.i686 as a component of Red Hat Enterprise Linux Server TUS (v. 7.7)",
"product_id": "7Server-7.7.TUS:polkit-devel-0:0.112-22.el7_7.2.i686"
},
"product_reference": "polkit-devel-0:0.112-22.el7_7.2.i686",
"relates_to_product_reference": "7Server-7.7.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-22.el7_7.2.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.7)",
"product_id": "7Server-7.7.TUS:polkit-devel-0:0.112-22.el7_7.2.x86_64"
},
"product_reference": "polkit-devel-0:0.112-22.el7_7.2.x86_64",
"relates_to_product_reference": "7Server-7.7.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.112-22.el7_7.2.noarch as a component of Red Hat Enterprise Linux Server TUS (v. 7.7)",
"product_id": "7Server-7.7.TUS:polkit-docs-0:0.112-22.el7_7.2.noarch"
},
"product_reference": "polkit-docs-0:0.112-22.el7_7.2.noarch",
"relates_to_product_reference": "7Server-7.7.TUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2021-4034",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025869"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.7.AUS:polkit-0:0.112-22.el7_7.2.i686",
"7Server-7.7.AUS:polkit-0:0.112-22.el7_7.2.src",
"7Server-7.7.AUS:polkit-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.AUS:polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"7Server-7.7.AUS:polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.AUS:polkit-devel-0:0.112-22.el7_7.2.i686",
"7Server-7.7.AUS:polkit-devel-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.AUS:polkit-docs-0:0.112-22.el7_7.2.noarch",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.i686",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.ppc64le",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.src",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.E4S:polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"7Server-7.7.E4S:polkit-debuginfo-0:0.112-22.el7_7.2.ppc64le",
"7Server-7.7.E4S:polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.E4S:polkit-devel-0:0.112-22.el7_7.2.i686",
"7Server-7.7.E4S:polkit-devel-0:0.112-22.el7_7.2.ppc64le",
"7Server-7.7.E4S:polkit-devel-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.E4S:polkit-docs-0:0.112-22.el7_7.2.noarch",
"7Server-7.7.TUS:polkit-0:0.112-22.el7_7.2.i686",
"7Server-7.7.TUS:polkit-0:0.112-22.el7_7.2.src",
"7Server-7.7.TUS:polkit-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.TUS:polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"7Server-7.7.TUS:polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.TUS:polkit-devel-0:0.112-22.el7_7.2.i686",
"7Server-7.7.TUS:polkit-devel-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.TUS:polkit-docs-0:0.112-22.el7_7.2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4034"
},
{
"category": "external",
"summary": "RHBZ#2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034"
},
{
"category": "external",
"summary": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2022-01-25T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.7.AUS:polkit-0:0.112-22.el7_7.2.i686",
"7Server-7.7.AUS:polkit-0:0.112-22.el7_7.2.src",
"7Server-7.7.AUS:polkit-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.AUS:polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"7Server-7.7.AUS:polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.AUS:polkit-devel-0:0.112-22.el7_7.2.i686",
"7Server-7.7.AUS:polkit-devel-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.AUS:polkit-docs-0:0.112-22.el7_7.2.noarch",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.i686",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.ppc64le",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.src",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.E4S:polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"7Server-7.7.E4S:polkit-debuginfo-0:0.112-22.el7_7.2.ppc64le",
"7Server-7.7.E4S:polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.E4S:polkit-devel-0:0.112-22.el7_7.2.i686",
"7Server-7.7.E4S:polkit-devel-0:0.112-22.el7_7.2.ppc64le",
"7Server-7.7.E4S:polkit-devel-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.E4S:polkit-docs-0:0.112-22.el7_7.2.noarch",
"7Server-7.7.TUS:polkit-0:0.112-22.el7_7.2.i686",
"7Server-7.7.TUS:polkit-0:0.112-22.el7_7.2.src",
"7Server-7.7.TUS:polkit-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.TUS:polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"7Server-7.7.TUS:polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.TUS:polkit-devel-0:0.112-22.el7_7.2.i686",
"7Server-7.7.TUS:polkit-devel-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.TUS:polkit-docs-0:0.112-22.el7_7.2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0273"
},
{
"category": "workaround",
"details": "For customers who cannot update immediately and doesn\u0027t have Secure Boot feature enabled, the issue can be mitigated by executing the following steps:\n\n1) Install required systemtap packages and dependencies as per - pointed by https://access.redhat.com/solutions/5441\n\n2) Install polkit debug info:\n ~~~\n debuginfo-install polkit\n ~~~\n\n3) Create the following systemtap script, and name it pkexec-block.stp:\n ~~~\n probe process(\"/usr/bin/pkexec\").function(\"main\") {\n if (cmdline_arg(1) == \"\")\n raise(9);\n}\n~~~\n\n4) Load the systemtap module into the running kernel:\n ~~~\n stap -g -F -m stap_pkexec_block pkexec_block.stp\n ~~~\n\n5) Ensure the module is loaded:\n ~~~\n lsmod | grep -i stap_pkexec_block\nstap_pkexec_block 434176 0\n~~~\n\n6) Once polkit package was updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n ~~~\n rmmod stap_pkexec_block\n ~~~\n\nThis mitigation doesn\u0027t work for Secure Boot enabled system as SystemTap would require an external compiling server to be able to sign the generated kernel module\nwith a key enrolled into the Kernel\u0027s keyring.",
"product_ids": [
"7Server-7.7.AUS:polkit-0:0.112-22.el7_7.2.i686",
"7Server-7.7.AUS:polkit-0:0.112-22.el7_7.2.src",
"7Server-7.7.AUS:polkit-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.AUS:polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"7Server-7.7.AUS:polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.AUS:polkit-devel-0:0.112-22.el7_7.2.i686",
"7Server-7.7.AUS:polkit-devel-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.AUS:polkit-docs-0:0.112-22.el7_7.2.noarch",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.i686",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.ppc64le",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.src",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.E4S:polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"7Server-7.7.E4S:polkit-debuginfo-0:0.112-22.el7_7.2.ppc64le",
"7Server-7.7.E4S:polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.E4S:polkit-devel-0:0.112-22.el7_7.2.i686",
"7Server-7.7.E4S:polkit-devel-0:0.112-22.el7_7.2.ppc64le",
"7Server-7.7.E4S:polkit-devel-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.E4S:polkit-docs-0:0.112-22.el7_7.2.noarch",
"7Server-7.7.TUS:polkit-0:0.112-22.el7_7.2.i686",
"7Server-7.7.TUS:polkit-0:0.112-22.el7_7.2.src",
"7Server-7.7.TUS:polkit-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.TUS:polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"7Server-7.7.TUS:polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.TUS:polkit-devel-0:0.112-22.el7_7.2.i686",
"7Server-7.7.TUS:polkit-devel-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.TUS:polkit-docs-0:0.112-22.el7_7.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.7.AUS:polkit-0:0.112-22.el7_7.2.i686",
"7Server-7.7.AUS:polkit-0:0.112-22.el7_7.2.src",
"7Server-7.7.AUS:polkit-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.AUS:polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"7Server-7.7.AUS:polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.AUS:polkit-devel-0:0.112-22.el7_7.2.i686",
"7Server-7.7.AUS:polkit-devel-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.AUS:polkit-docs-0:0.112-22.el7_7.2.noarch",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.i686",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.ppc64le",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.src",
"7Server-7.7.E4S:polkit-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.E4S:polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"7Server-7.7.E4S:polkit-debuginfo-0:0.112-22.el7_7.2.ppc64le",
"7Server-7.7.E4S:polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.E4S:polkit-devel-0:0.112-22.el7_7.2.i686",
"7Server-7.7.E4S:polkit-devel-0:0.112-22.el7_7.2.ppc64le",
"7Server-7.7.E4S:polkit-devel-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.E4S:polkit-docs-0:0.112-22.el7_7.2.noarch",
"7Server-7.7.TUS:polkit-0:0.112-22.el7_7.2.i686",
"7Server-7.7.TUS:polkit-0:0.112-22.el7_7.2.src",
"7Server-7.7.TUS:polkit-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.TUS:polkit-debuginfo-0:0.112-22.el7_7.2.i686",
"7Server-7.7.TUS:polkit-debuginfo-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.TUS:polkit-devel-0:0.112-22.el7_7.2.i686",
"7Server-7.7.TUS:polkit-devel-0:0.112-22.el7_7.2.x86_64",
"7Server-7.7.TUS:polkit-docs-0:0.112-22.el7_7.2.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-06-27T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector"
}
]
}
rhsa-2022_0274
Vulnerability from csaf_redhat
Published
2022-01-25 20:10
Modified
2024-09-13 17:32
Summary
Red Hat Security Advisory: polkit security update
Notes
Topic
An update for polkit is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.
Security Fix(es):
* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for polkit is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.\n\nSecurity Fix(es):\n\n* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0274",
"url": "https://access.redhat.com/errata/RHSA-2022:0274"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"category": "external",
"summary": "2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0274.json"
}
],
"title": "Red Hat Security Advisory: polkit security update",
"tracking": {
"current_release_date": "2024-09-13T17:32:04+00:00",
"generator": {
"date": "2024-09-13T17:32:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0274",
"initial_release_date": "2022-01-25T20:10:56+00:00",
"revision_history": [
{
"date": "2022-01-25T20:10:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-25T20:10:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T17:32:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-26.el7_9.1.src",
"product": {
"name": "polkit-0:0.112-26.el7_9.1.src",
"product_id": "polkit-0:0.112-26.el7_9.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-26.el7_9.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-26.el7_9.1.x86_64",
"product": {
"name": "polkit-0:0.112-26.el7_9.1.x86_64",
"product_id": "polkit-0:0.112-26.el7_9.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-26.el7_9.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"product": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"product_id": "polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-26.el7_9.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-26.el7_9.1.x86_64",
"product": {
"name": "polkit-devel-0:0.112-26.el7_9.1.x86_64",
"product_id": "polkit-devel-0:0.112-26.el7_9.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-26.el7_9.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-26.el7_9.1.i686",
"product": {
"name": "polkit-0:0.112-26.el7_9.1.i686",
"product_id": "polkit-0:0.112-26.el7_9.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-26.el7_9.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"product": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"product_id": "polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-26.el7_9.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-26.el7_9.1.i686",
"product": {
"name": "polkit-devel-0:0.112-26.el7_9.1.i686",
"product_id": "polkit-devel-0:0.112-26.el7_9.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-26.el7_9.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-docs-0:0.112-26.el7_9.1.noarch",
"product": {
"name": "polkit-docs-0:0.112-26.el7_9.1.noarch",
"product_id": "polkit-docs-0:0.112-26.el7_9.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-docs@0.112-26.el7_9.1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-26.el7_9.1.ppc",
"product": {
"name": "polkit-0:0.112-26.el7_9.1.ppc",
"product_id": "polkit-0:0.112-26.el7_9.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-26.el7_9.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc",
"product": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc",
"product_id": "polkit-devel-0:0.112-26.el7_9.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-26.el7_9.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"product": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"product_id": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-26.el7_9.1?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-26.el7_9.1.ppc64",
"product": {
"name": "polkit-0:0.112-26.el7_9.1.ppc64",
"product_id": "polkit-0:0.112-26.el7_9.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-26.el7_9.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc64",
"product": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc64",
"product_id": "polkit-devel-0:0.112-26.el7_9.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-26.el7_9.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"product": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"product_id": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-26.el7_9.1?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-26.el7_9.1.ppc64le",
"product": {
"name": "polkit-0:0.112-26.el7_9.1.ppc64le",
"product_id": "polkit-0:0.112-26.el7_9.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-26.el7_9.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"product": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"product_id": "polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-26.el7_9.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"product": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"product_id": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-26.el7_9.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-26.el7_9.1.s390",
"product": {
"name": "polkit-0:0.112-26.el7_9.1.s390",
"product_id": "polkit-0:0.112-26.el7_9.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-26.el7_9.1?arch=s390"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-26.el7_9.1.s390",
"product": {
"name": "polkit-devel-0:0.112-26.el7_9.1.s390",
"product_id": "polkit-devel-0:0.112-26.el7_9.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-26.el7_9.1?arch=s390"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"product": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"product_id": "polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-26.el7_9.1?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.112-26.el7_9.1.s390x",
"product": {
"name": "polkit-0:0.112-26.el7_9.1.s390x",
"product_id": "polkit-0:0.112-26.el7_9.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.112-26.el7_9.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.112-26.el7_9.1.s390x",
"product": {
"name": "polkit-devel-0:0.112-26.el7_9.1.s390x",
"product_id": "polkit-devel-0:0.112-26.el7_9.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.112-26.el7_9.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"product": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"product_id": "polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.112-26.el7_9.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.i686"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.i686",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.ppc",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.ppc64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.s390"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.s390",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.s390x",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.src"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.src",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.x86_64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.i686",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.ppc",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.ppc64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.s390",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.s390x",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.x86_64",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.112-26.el7_9.1.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch"
},
"product_reference": "polkit-docs-0:0.112-26.el7_9.1.noarch",
"relates_to_product_reference": "7Client-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.i686"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.i686",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.ppc",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.s390",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.src"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.src",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.i686",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.ppc",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.ppc64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.s390",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.s390x",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.x86_64",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.112-26.el7_9.1.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch"
},
"product_reference": "polkit-docs-0:0.112-26.el7_9.1.noarch",
"relates_to_product_reference": "7Client-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.i686"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.i686",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.ppc",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.s390",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.src"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.src",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.i686",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.ppc",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.s390",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.112-26.el7_9.1.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch"
},
"product_reference": "polkit-docs-0:0.112-26.el7_9.1.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.i686"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.i686",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.ppc",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.s390"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.s390",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.src"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.src",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.i686",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.ppc",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.s390",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.112-26.el7_9.1.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch"
},
"product_reference": "polkit-docs-0:0.112-26.el7_9.1.noarch",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.i686"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.i686",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.ppc",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.s390"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.s390",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.src"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.src",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.112-26.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64"
},
"product_reference": "polkit-0:0.112-26.el7_9.1.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.112-26.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.i686",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.ppc",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.s390",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.112-26.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64"
},
"product_reference": "polkit-devel-0:0.112-26.el7_9.1.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.112-26.el7_9.1.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch"
},
"product_reference": "polkit-docs-0:0.112-26.el7_9.1.noarch",
"relates_to_product_reference": "7Workstation-7.9.Z"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2021-4034",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025869"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Client-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Client-optional-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7ComputeNode-optional-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Server-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Workstation-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4034"
},
{
"category": "external",
"summary": "RHBZ#2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034"
},
{
"category": "external",
"summary": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2022-01-25T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Client-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Client-optional-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7ComputeNode-optional-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Server-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Workstation-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0274"
},
{
"category": "workaround",
"details": "For customers who cannot update immediately and doesn\u0027t have Secure Boot feature enabled, the issue can be mitigated by executing the following steps:\n\n1) Install required systemtap packages and dependencies as per - pointed by https://access.redhat.com/solutions/5441\n\n2) Install polkit debug info:\n ~~~\n debuginfo-install polkit\n ~~~\n\n3) Create the following systemtap script, and name it pkexec-block.stp:\n ~~~\n probe process(\"/usr/bin/pkexec\").function(\"main\") {\n if (cmdline_arg(1) == \"\")\n raise(9);\n}\n~~~\n\n4) Load the systemtap module into the running kernel:\n ~~~\n stap -g -F -m stap_pkexec_block pkexec_block.stp\n ~~~\n\n5) Ensure the module is loaded:\n ~~~\n lsmod | grep -i stap_pkexec_block\nstap_pkexec_block 434176 0\n~~~\n\n6) Once polkit package was updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n ~~~\n rmmod stap_pkexec_block\n ~~~\n\nThis mitigation doesn\u0027t work for Secure Boot enabled system as SystemTap would require an external compiling server to be able to sign the generated kernel module\nwith a key enrolled into the Kernel\u0027s keyring.",
"product_ids": [
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Client-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Client-optional-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7ComputeNode-optional-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Server-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Workstation-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Client-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Client-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Client-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Client-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Client-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Client-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Client-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Client-optional-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7ComputeNode-optional-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7ComputeNode-optional-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7ComputeNode-optional-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7ComputeNode-optional-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Server-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Server-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Server-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Server-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.i686",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.ppc64le",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.s390",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.s390x",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.src",
"7Workstation-7.9.Z:polkit-0:0.112-26.el7_9.1.x86_64",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.i686",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.ppc64le",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.s390x",
"7Workstation-7.9.Z:polkit-debuginfo-0:0.112-26.el7_9.1.x86_64",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.i686",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.ppc64le",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.s390x",
"7Workstation-7.9.Z:polkit-devel-0:0.112-26.el7_9.1.x86_64",
"7Workstation-7.9.Z:polkit-docs-0:0.112-26.el7_9.1.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-06-27T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector"
}
]
}
rhsa-2022_0443
Vulnerability from csaf_redhat
Published
2022-02-07 10:46
Modified
2024-09-13 18:19
Summary
Red Hat Security Advisory: RHV-H security update (redhat-virtualization-host) 4.3.21
Notes
Topic
An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The redhat-virtualization-host packages provide the Red Hat Virtualization Host.
These packages include redhat-release-virtualization-host. Red Hat
Virtualization Hosts (RHVH) are installed using a special build of Red Hat
Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and
performing administrative tasks.
Security Fix(es):
* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)
* samba: Active Directory (AD) domain user could become root on domain members (CVE-2020-25717)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The redhat-virtualization-host packages provide the Red Hat Virtualization Host.\nThese packages include redhat-release-virtualization-host. Red Hat\nVirtualization Hosts (RHVH) are installed using a special build of Red Hat\nEnterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host\u0027s resources and\nperforming administrative tasks.\n\nSecurity Fix(es):\n\n* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)\n\n* samba: Active Directory (AD) domain user could become root on domain members (CVE-2020-25717)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0443",
"url": "https://access.redhat.com/errata/RHSA-2022:0443"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"category": "external",
"summary": "2019672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019672"
},
{
"category": "external",
"summary": "2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0443.json"
}
],
"title": "Red Hat Security Advisory: RHV-H security update (redhat-virtualization-host) 4.3.21",
"tracking": {
"current_release_date": "2024-09-13T18:19:03+00:00",
"generator": {
"date": "2024-09-13T18:19:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0443",
"initial_release_date": "2022-02-07T10:46:52+00:00",
"revision_history": [
{
"date": "2022-02-07T10:46:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-07T10:46:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T18:19:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product": {
"name": "RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "7Server-RHEV-4-HypervisorBuild-7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor"
}
}
},
{
"category": "product_name",
"name": "Red Hat Virtualization 4 Hypervisor for RHEL 7",
"product": {
"name": "Red Hat Virtualization 4 Hypervisor for RHEL 7",
"product_id": "7Server-RHEV-4-Hypervisor-7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "redhat-release-virtualization-host-0:4.3.21-1.el7ev.src",
"product": {
"name": "redhat-release-virtualization-host-0:4.3.21-1.el7ev.src",
"product_id": "redhat-release-virtualization-host-0:4.3.21-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-release-virtualization-host@4.3.21-1.el7ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"product": {
"name": "redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"product_id": "redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-virtualization-host@4.3.21-20220126.0.el7_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "redhat-release-virtualization-host-0:4.3.21-1.el7ev.x86_64",
"product": {
"name": "redhat-release-virtualization-host-0:4.3.21-1.el7ev.x86_64",
"product_id": "redhat-release-virtualization-host-0:4.3.21-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-release-virtualization-host@4.3.21-1.el7ev?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "redhat-virtualization-host-image-update-placeholder-0:4.3.21-1.el7ev.noarch",
"product": {
"name": "redhat-virtualization-host-image-update-placeholder-0:4.3.21-1.el7ev.noarch",
"product_id": "redhat-virtualization-host-image-update-placeholder-0:4.3.21-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-virtualization-host-image-update-placeholder@4.3.21-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch",
"product": {
"name": "redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch",
"product_id": "redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-virtualization-host-image-update@4.3.21-20220126.0.el7_9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 7",
"product_id": "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src"
},
"product_reference": "redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"relates_to_product_reference": "7Server-RHEV-4-Hypervisor-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch as a component of Red Hat Virtualization 4 Hypervisor for RHEL 7",
"product_id": "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch"
},
"product_reference": "redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Hypervisor-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-release-virtualization-host-0:4.3.21-1.el7ev.src as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.21-1.el7ev.src"
},
"product_reference": "redhat-release-virtualization-host-0:4.3.21-1.el7ev.src",
"relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-release-virtualization-host-0:4.3.21-1.el7ev.x86_64 as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.21-1.el7ev.x86_64"
},
"product_reference": "redhat-release-virtualization-host-0:4.3.21-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src"
},
"product_reference": "redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch"
},
"product_reference": "redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch",
"relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-virtualization-host-image-update-placeholder-0:4.3.21-1.el7ev.noarch as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.21-1.el7ev.noarch"
},
"product_reference": "redhat-virtualization-host-image-update-placeholder-0:4.3.21-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Samba project"
]
},
{
"names": [
"Andrew Bartlett"
],
"organization": "Catalyst and the Samba Team"
}
],
"cve": "CVE-2020-25717",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-11-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.21-1.el7ev.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.21-1.el7ev.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.21-1.el7ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2019672"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "samba: Active Directory (AD) domain user could become root on domain members",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch"
],
"known_not_affected": [
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.21-1.el7ev.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.21-1.el7ev.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.21-1.el7ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25717"
},
{
"category": "external",
"summary": "RHBZ#2019672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25717",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25717"
},
{
"category": "external",
"summary": "https://www.samba.org/samba/security/CVE-2020-25717.html",
"url": "https://www.samba.org/samba/security/CVE-2020-25717.html"
}
],
"release_date": "2021-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0443"
},
{
"category": "workaround",
"details": "Setting \"gensec:require_pac=true\" in the smb.conf makes, due to a cache prime in winbind, the DOMAIN\\user lookup succeed, provided nss_winbind is in use, \u0027winbind use default domain = no\u0027 (the default) and no error paths are hit. \n\nIt would be prudent to pre-create disabled users in Active Directory matching on all privileged names not held in Active Directory, eg \n~~~\n samba-tool user add root -H ldap://$SERVER -U$USERNAME%$PASSWORD --random-password\n samba-tool user add ubuntu -H ldap://$SERVER -U$USERNAME%$PASSWORD --random-password\n ~~~\n (repeat for eg all system users under 1000 in /etc/passwd or special to any other AD-connected services, eg perhaps \"admin\" for a web-app)",
"product_ids": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.21-1.el7ev.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.21-1.el7ev.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.21-1.el7ev.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "samba: Active Directory (AD) domain user could become root on domain members"
},
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2021-4034",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-11-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.21-1.el7ev.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.21-1.el7ev.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.21-1.el7ev.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025869"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch"
],
"known_not_affected": [
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.21-1.el7ev.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.21-1.el7ev.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.21-1.el7ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4034"
},
{
"category": "external",
"summary": "RHBZ#2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034"
},
{
"category": "external",
"summary": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2022-01-25T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0443"
},
{
"category": "workaround",
"details": "For customers who cannot update immediately and doesn\u0027t have Secure Boot feature enabled, the issue can be mitigated by executing the following steps:\n\n1) Install required systemtap packages and dependencies as per - pointed by https://access.redhat.com/solutions/5441\n\n2) Install polkit debug info:\n ~~~\n debuginfo-install polkit\n ~~~\n\n3) Create the following systemtap script, and name it pkexec-block.stp:\n ~~~\n probe process(\"/usr/bin/pkexec\").function(\"main\") {\n if (cmdline_arg(1) == \"\")\n raise(9);\n}\n~~~\n\n4) Load the systemtap module into the running kernel:\n ~~~\n stap -g -F -m stap_pkexec_block pkexec_block.stp\n ~~~\n\n5) Ensure the module is loaded:\n ~~~\n lsmod | grep -i stap_pkexec_block\nstap_pkexec_block 434176 0\n~~~\n\n6) Once polkit package was updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n ~~~\n rmmod stap_pkexec_block\n ~~~\n\nThis mitigation doesn\u0027t work for Secure Boot enabled system as SystemTap would require an external compiling server to be able to sign the generated kernel module\nwith a key enrolled into the Kernel\u0027s keyring.",
"product_ids": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.21-1.el7ev.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.3.21-1.el7ev.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.3.21-1.el7ev.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-0:4.3.21-20220126.0.el7_9.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-0:4.3.21-20220126.0.el7_9.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-06-27T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector"
}
]
}
rhsa-2022_0269
Vulnerability from csaf_redhat
Published
2022-01-25 18:21
Modified
2024-09-13 17:32
Summary
Red Hat Security Advisory: polkit security update
Notes
Topic
An update for polkit is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.
Security Fix(es):
* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for polkit is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.\n\nSecurity Fix(es):\n\n* polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0269",
"url": "https://access.redhat.com/errata/RHSA-2022:0269"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"category": "external",
"summary": "2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0269.json"
}
],
"title": "Red Hat Security Advisory: polkit security update",
"tracking": {
"current_release_date": "2024-09-13T17:32:43+00:00",
"generator": {
"date": "2024-09-13T17:32:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0269",
"initial_release_date": "2022-01-25T18:21:43+00:00",
"revision_history": [
{
"date": "2022-01-25T18:21:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-25T18:21:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T17:32:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6 ELS)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.96-11.el6_10.2.src",
"product": {
"name": "polkit-0:0.96-11.el6_10.2.src",
"product_id": "polkit-0:0.96-11.el6_10.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.96-11.el6_10.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.96-11.el6_10.2.s390",
"product": {
"name": "polkit-0:0.96-11.el6_10.2.s390",
"product_id": "polkit-0:0.96-11.el6_10.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.96-11.el6_10.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.96-11.el6_10.2.s390",
"product": {
"name": "polkit-devel-0:0.96-11.el6_10.2.s390",
"product_id": "polkit-devel-0:0.96-11.el6_10.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.96-11.el6_10.2?arch=s390"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.96-11.el6_10.2.s390",
"product": {
"name": "polkit-debuginfo-0:0.96-11.el6_10.2.s390",
"product_id": "polkit-debuginfo-0:0.96-11.el6_10.2.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.96-11.el6_10.2?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.96-11.el6_10.2.s390x",
"product": {
"name": "polkit-0:0.96-11.el6_10.2.s390x",
"product_id": "polkit-0:0.96-11.el6_10.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.96-11.el6_10.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.96-11.el6_10.2.s390x",
"product": {
"name": "polkit-devel-0:0.96-11.el6_10.2.s390x",
"product_id": "polkit-devel-0:0.96-11.el6_10.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.96-11.el6_10.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-docs-0:0.96-11.el6_10.2.s390x",
"product": {
"name": "polkit-docs-0:0.96-11.el6_10.2.s390x",
"product_id": "polkit-docs-0:0.96-11.el6_10.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-docs@0.96-11.el6_10.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.96-11.el6_10.2.s390x",
"product": {
"name": "polkit-debuginfo-0:0.96-11.el6_10.2.s390x",
"product_id": "polkit-debuginfo-0:0.96-11.el6_10.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.96-11.el6_10.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.96-11.el6_10.2.x86_64",
"product": {
"name": "polkit-0:0.96-11.el6_10.2.x86_64",
"product_id": "polkit-0:0.96-11.el6_10.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.96-11.el6_10.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.96-11.el6_10.2.x86_64",
"product": {
"name": "polkit-devel-0:0.96-11.el6_10.2.x86_64",
"product_id": "polkit-devel-0:0.96-11.el6_10.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.96-11.el6_10.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-docs-0:0.96-11.el6_10.2.x86_64",
"product": {
"name": "polkit-docs-0:0.96-11.el6_10.2.x86_64",
"product_id": "polkit-docs-0:0.96-11.el6_10.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-docs@0.96-11.el6_10.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.96-11.el6_10.2.x86_64",
"product": {
"name": "polkit-debuginfo-0:0.96-11.el6_10.2.x86_64",
"product_id": "polkit-debuginfo-0:0.96-11.el6_10.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.96-11.el6_10.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-0:0.96-11.el6_10.2.i686",
"product": {
"name": "polkit-0:0.96-11.el6_10.2.i686",
"product_id": "polkit-0:0.96-11.el6_10.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit@0.96-11.el6_10.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-devel-0:0.96-11.el6_10.2.i686",
"product": {
"name": "polkit-devel-0:0.96-11.el6_10.2.i686",
"product_id": "polkit-devel-0:0.96-11.el6_10.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-devel@0.96-11.el6_10.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-debuginfo-0:0.96-11.el6_10.2.i686",
"product": {
"name": "polkit-debuginfo-0:0.96-11.el6_10.2.i686",
"product_id": "polkit-debuginfo-0:0.96-11.el6_10.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-debuginfo@0.96-11.el6_10.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "polkit-docs-0:0.96-11.el6_10.2.i686",
"product": {
"name": "polkit-docs-0:0.96-11.el6_10.2.i686",
"product_id": "polkit-docs-0:0.96-11.el6_10.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-docs@0.96-11.el6_10.2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "polkit-desktop-policy-0:0.96-11.el6_10.2.noarch",
"product": {
"name": "polkit-desktop-policy-0:0.96-11.el6_10.2.noarch",
"product_id": "polkit-desktop-policy-0:0.96-11.el6_10.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/polkit-desktop-policy@0.96-11.el6_10.2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.96-11.el6_10.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-0:0.96-11.el6_10.2.i686"
},
"product_reference": "polkit-0:0.96-11.el6_10.2.i686",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.96-11.el6_10.2.s390 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-0:0.96-11.el6_10.2.s390"
},
"product_reference": "polkit-0:0.96-11.el6_10.2.s390",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.96-11.el6_10.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-0:0.96-11.el6_10.2.s390x"
},
"product_reference": "polkit-0:0.96-11.el6_10.2.s390x",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.96-11.el6_10.2.src as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-0:0.96-11.el6_10.2.src"
},
"product_reference": "polkit-0:0.96-11.el6_10.2.src",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-0:0.96-11.el6_10.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-0:0.96-11.el6_10.2.x86_64"
},
"product_reference": "polkit-0:0.96-11.el6_10.2.x86_64",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.96-11.el6_10.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.i686"
},
"product_reference": "polkit-debuginfo-0:0.96-11.el6_10.2.i686",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.96-11.el6_10.2.s390 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.s390"
},
"product_reference": "polkit-debuginfo-0:0.96-11.el6_10.2.s390",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.96-11.el6_10.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.s390x"
},
"product_reference": "polkit-debuginfo-0:0.96-11.el6_10.2.s390x",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-debuginfo-0:0.96-11.el6_10.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.x86_64"
},
"product_reference": "polkit-debuginfo-0:0.96-11.el6_10.2.x86_64",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-desktop-policy-0:0.96-11.el6_10.2.noarch as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-desktop-policy-0:0.96-11.el6_10.2.noarch"
},
"product_reference": "polkit-desktop-policy-0:0.96-11.el6_10.2.noarch",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.96-11.el6_10.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.i686"
},
"product_reference": "polkit-devel-0:0.96-11.el6_10.2.i686",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.96-11.el6_10.2.s390 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.s390"
},
"product_reference": "polkit-devel-0:0.96-11.el6_10.2.s390",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.96-11.el6_10.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.s390x"
},
"product_reference": "polkit-devel-0:0.96-11.el6_10.2.s390x",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-devel-0:0.96-11.el6_10.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.x86_64"
},
"product_reference": "polkit-devel-0:0.96-11.el6_10.2.x86_64",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.96-11.el6_10.2.i686 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-docs-0:0.96-11.el6_10.2.i686"
},
"product_reference": "polkit-docs-0:0.96-11.el6_10.2.i686",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.96-11.el6_10.2.s390x as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-docs-0:0.96-11.el6_10.2.s390x"
},
"product_reference": "polkit-docs-0:0.96-11.el6_10.2.s390x",
"relates_to_product_reference": "6Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "polkit-docs-0:0.96-11.el6_10.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)",
"product_id": "6Server-ELS:polkit-docs-0:0.96-11.el6_10.2.x86_64"
},
"product_reference": "polkit-docs-0:0.96-11.el6_10.2.x86_64",
"relates_to_product_reference": "6Server-ELS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2021-4034",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2025869"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-ELS:polkit-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.s390",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.src",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.x86_64",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.s390",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.x86_64",
"6Server-ELS:polkit-desktop-policy-0:0.96-11.el6_10.2.noarch",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.s390",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.x86_64",
"6Server-ELS:polkit-docs-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-docs-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-docs-0:0.96-11.el6_10.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4034"
},
{
"category": "external",
"summary": "RHBZ#2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034"
},
{
"category": "external",
"summary": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2022-01-25T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-ELS:polkit-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.s390",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.src",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.x86_64",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.s390",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.x86_64",
"6Server-ELS:polkit-desktop-policy-0:0.96-11.el6_10.2.noarch",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.s390",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.x86_64",
"6Server-ELS:polkit-docs-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-docs-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-docs-0:0.96-11.el6_10.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0269"
},
{
"category": "workaround",
"details": "For customers who cannot update immediately and doesn\u0027t have Secure Boot feature enabled, the issue can be mitigated by executing the following steps:\n\n1) Install required systemtap packages and dependencies as per - pointed by https://access.redhat.com/solutions/5441\n\n2) Install polkit debug info:\n ~~~\n debuginfo-install polkit\n ~~~\n\n3) Create the following systemtap script, and name it pkexec-block.stp:\n ~~~\n probe process(\"/usr/bin/pkexec\").function(\"main\") {\n if (cmdline_arg(1) == \"\")\n raise(9);\n}\n~~~\n\n4) Load the systemtap module into the running kernel:\n ~~~\n stap -g -F -m stap_pkexec_block pkexec_block.stp\n ~~~\n\n5) Ensure the module is loaded:\n ~~~\n lsmod | grep -i stap_pkexec_block\nstap_pkexec_block 434176 0\n~~~\n\n6) Once polkit package was updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n ~~~\n rmmod stap_pkexec_block\n ~~~\n\nThis mitigation doesn\u0027t work for Secure Boot enabled system as SystemTap would require an external compiling server to be able to sign the generated kernel module\nwith a key enrolled into the Kernel\u0027s keyring.",
"product_ids": [
"6Server-ELS:polkit-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.s390",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.src",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.x86_64",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.s390",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.x86_64",
"6Server-ELS:polkit-desktop-policy-0:0.96-11.el6_10.2.noarch",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.s390",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.x86_64",
"6Server-ELS:polkit-docs-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-docs-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-docs-0:0.96-11.el6_10.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-ELS:polkit-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.s390",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.src",
"6Server-ELS:polkit-0:0.96-11.el6_10.2.x86_64",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.s390",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-debuginfo-0:0.96-11.el6_10.2.x86_64",
"6Server-ELS:polkit-desktop-policy-0:0.96-11.el6_10.2.noarch",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.s390",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-devel-0:0.96-11.el6_10.2.x86_64",
"6Server-ELS:polkit-docs-0:0.96-11.el6_10.2.i686",
"6Server-ELS:polkit-docs-0:0.96-11.el6_10.2.s390x",
"6Server-ELS:polkit-docs-0:0.96-11.el6_10.2.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-06-27T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector"
}
]
}
ghsa-qgr2-xgqv-24x8
Vulnerability from github
Published
2022-01-29 00:00
Modified
2025-04-03 21:32
Severity ?
Details
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
{
"affected": [],
"aliases": [
"CVE-2021-4034"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-28T20:15:00Z",
"severity": "HIGH"
},
"details": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
"id": "GHSA-qgr2-xgqv-24x8",
"modified": "2025-04-03T21:32:46Z",
"published": "2022-01-29T00:00:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4034"
},
{
"type": "WEB",
"url": "https://www.vicarius.io/vsociety/posts/pwnkit-pkexec-lpe-cve-2021-4034"
},
{
"type": "WEB",
"url": "https://www.suse.com/support/kb/doc/?id=000020564"
},
{
"type": "WEB",
"url": "https://www.starwindsoftware.com/security/sw-20220818-0001"
},
{
"type": "WEB",
"url": "https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034"
},
{
"type": "WEB",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"type": "WEB",
"url": "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2021-4034"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2022:0540"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2022:0443"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2022:0274"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2022:0273"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2022:0272"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2022:0271"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2022:0270"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2022:0269"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2022:0268"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2022:0267"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2022:0266"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2022:0265"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
wid-sec-w-2022-0432
Vulnerability from csaf_certbund
Published
2022-06-21 22:00
Modified
2023-04-03 22:00
Summary
Xerox FreeFlow Print Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "FreeFlow-Druckserver ist eine Druckserveranwendung f\u00fcr Xerox-Produktionsdrucker, die Flexibilit\u00e4t, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0432 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0432.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0432 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0432"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX23-005 vom 2023-04-04",
"url": "https://security.business.xerox.com/wp-content/uploads/2023/04/Xerox-Security-Bulletin-XRX23-005-Xerox%25C2%25AE-FreeFlow%25C2%25AE-Print-Server-v9.pdf"
},
{
"category": "external",
"summary": "Xerox Mini Bulletin XRX21A vom 2022-06-21",
"url": "https://security.business.xerox.com/wp-content/uploads/2022/06/Xerox-Security-Bulletin-XRX22-014-FreeFlow-Print-Server-v9.pdf"
}
],
"source_lang": "en-US",
"title": "Xerox FreeFlow Print Server: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-04-03T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:29:02.928+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-0432",
"initial_release_date": "2022-06-21T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-06-21T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-04-03T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von XEROX aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Xerox FreeFlow Print Server 9",
"product": {
"name": "Xerox FreeFlow Print Server 9",
"product_id": "T002977",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:9"
}
}
},
{
"category": "product_name",
"name": "Xerox FreeFlow Print Server v9",
"product": {
"name": "Xerox FreeFlow Print Server v9",
"product_id": "T015632",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v9"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-2124",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2016-2124"
},
{
"cve": "CVE-2019-14822",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2019-14822"
},
{
"cve": "CVE-2019-19906",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2019-19906"
},
{
"cve": "CVE-2020-15250",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2020-15250"
},
{
"cve": "CVE-2020-17049",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2020-17049"
},
{
"cve": "CVE-2020-25717",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2020-25717"
},
{
"cve": "CVE-2020-25718",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2020-25718"
},
{
"cve": "CVE-2020-25719",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2020-25719"
},
{
"cve": "CVE-2020-25721",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2020-25721"
},
{
"cve": "CVE-2020-25722",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2020-25722"
},
{
"cve": "CVE-2020-9484",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2020-9484"
},
{
"cve": "CVE-2021-21707",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-21707"
},
{
"cve": "CVE-2021-22926",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-22926"
},
{
"cve": "CVE-2021-23192",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-23192"
},
{
"cve": "CVE-2021-27815",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-27815"
},
{
"cve": "CVE-2021-30846",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-30846"
},
{
"cve": "CVE-2021-30848",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-30848"
},
{
"cve": "CVE-2021-30849",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-30849"
},
{
"cve": "CVE-2021-30851",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-30851"
},
{
"cve": "CVE-2021-30858",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-30858"
},
{
"cve": "CVE-2021-33430",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-33430"
},
{
"cve": "CVE-2021-34141",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-34141"
},
{
"cve": "CVE-2021-35604",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-35604"
},
{
"cve": "CVE-2021-35624",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-35624"
},
{
"cve": "CVE-2021-3572",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3572"
},
{
"cve": "CVE-2021-3711",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3711"
},
{
"cve": "CVE-2021-3733",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3733"
},
{
"cve": "CVE-2021-3737",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3737"
},
{
"cve": "CVE-2021-3738",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3738"
},
{
"cve": "CVE-2021-3770",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3770"
},
{
"cve": "CVE-2021-3778",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3778"
},
{
"cve": "CVE-2021-3796",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3796"
},
{
"cve": "CVE-2021-38115",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-38115"
},
{
"cve": "CVE-2021-3872",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3872"
},
{
"cve": "CVE-2021-3875",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3875"
},
{
"cve": "CVE-2021-3903",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3903"
},
{
"cve": "CVE-2021-39212",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-39212"
},
{
"cve": "CVE-2021-39272",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-39272"
},
{
"cve": "CVE-2021-3928",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3928"
},
{
"cve": "CVE-2021-3968",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3968"
},
{
"cve": "CVE-2021-3973",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3973"
},
{
"cve": "CVE-2021-3974",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3974"
},
{
"cve": "CVE-2021-3984",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-3984"
},
{
"cve": "CVE-2021-39920",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-39920"
},
{
"cve": "CVE-2021-39921",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-39921"
},
{
"cve": "CVE-2021-39922",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-39922"
},
{
"cve": "CVE-2021-39923",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-39923"
},
{
"cve": "CVE-2021-39924",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-39924"
},
{
"cve": "CVE-2021-39925",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-39925"
},
{
"cve": "CVE-2021-39926",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-39926"
},
{
"cve": "CVE-2021-39928",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-39928"
},
{
"cve": "CVE-2021-39929",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-39929"
},
{
"cve": "CVE-2021-4008",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-4008"
},
{
"cve": "CVE-2021-4009",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-4009"
},
{
"cve": "CVE-2021-4010",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-4010"
},
{
"cve": "CVE-2021-4011",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-4011"
},
{
"cve": "CVE-2021-40145",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-40145"
},
{
"cve": "CVE-2021-4019",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-4019"
},
{
"cve": "CVE-2021-4034",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-4034"
},
{
"cve": "CVE-2021-4069",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-4069"
},
{
"cve": "CVE-2021-40812",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-40812"
},
{
"cve": "CVE-2021-41133",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-41133"
},
{
"cve": "CVE-2021-4140",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-4140"
},
{
"cve": "CVE-2021-41495",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-41495"
},
{
"cve": "CVE-2021-41496",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-41496"
},
{
"cve": "CVE-2021-4181",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-4181"
},
{
"cve": "CVE-2021-41817",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-41817"
},
{
"cve": "CVE-2021-41819",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-41819"
},
{
"cve": "CVE-2021-4182",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-4182"
},
{
"cve": "CVE-2021-4183",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-4183"
},
{
"cve": "CVE-2021-4184",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-4184"
},
{
"cve": "CVE-2021-4185",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-4185"
},
{
"cve": "CVE-2021-42717",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-42717"
},
{
"cve": "CVE-2021-42762",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-42762"
},
{
"cve": "CVE-2021-43331",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43331"
},
{
"cve": "CVE-2021-43332",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43332"
},
{
"cve": "CVE-2021-43395",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43395"
},
{
"cve": "CVE-2021-43527",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43527"
},
{
"cve": "CVE-2021-43528",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43528"
},
{
"cve": "CVE-2021-43536",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43536"
},
{
"cve": "CVE-2021-43537",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43537"
},
{
"cve": "CVE-2021-43538",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43538"
},
{
"cve": "CVE-2021-43539",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43539"
},
{
"cve": "CVE-2021-43541",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43541"
},
{
"cve": "CVE-2021-43542",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43542"
},
{
"cve": "CVE-2021-43543",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43543"
},
{
"cve": "CVE-2021-43545",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43545"
},
{
"cve": "CVE-2021-43546",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43546"
},
{
"cve": "CVE-2021-43566",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43566"
},
{
"cve": "CVE-2021-43818",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-43818"
},
{
"cve": "CVE-2021-44142",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-44142"
},
{
"cve": "CVE-2021-44224",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-44224"
},
{
"cve": "CVE-2021-44227",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-44227"
},
{
"cve": "CVE-2021-44420",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-44420"
},
{
"cve": "CVE-2021-44531",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-44531"
},
{
"cve": "CVE-2021-44532",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-44532"
},
{
"cve": "CVE-2021-44533",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-44533"
},
{
"cve": "CVE-2021-44540",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-44540"
},
{
"cve": "CVE-2021-44541",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-44541"
},
{
"cve": "CVE-2021-44542",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-44542"
},
{
"cve": "CVE-2021-44543",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-44543"
},
{
"cve": "CVE-2021-44790",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-44790"
},
{
"cve": "CVE-2021-45078",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-45078"
},
{
"cve": "CVE-2021-45115",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-45115"
},
{
"cve": "CVE-2021-45116",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-45116"
},
{
"cve": "CVE-2021-45452",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-45452"
},
{
"cve": "CVE-2021-45960",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-45960"
},
{
"cve": "CVE-2021-46143",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2021-46143"
},
{
"cve": "CVE-2022-0336",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-0336"
},
{
"cve": "CVE-2022-0391",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-0391"
},
{
"cve": "CVE-2022-0566",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-0566"
},
{
"cve": "CVE-2022-0581",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-0581"
},
{
"cve": "CVE-2022-0582",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-0582"
},
{
"cve": "CVE-2022-0583",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-0583"
},
{
"cve": "CVE-2022-0585",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-0585"
},
{
"cve": "CVE-2022-0586",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-0586"
},
{
"cve": "CVE-2022-0778",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-21248",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21248"
},
{
"cve": "CVE-2022-21263",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21263"
},
{
"cve": "CVE-2022-21271",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21271"
},
{
"cve": "CVE-2022-21282",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21282"
},
{
"cve": "CVE-2022-21291",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21291"
},
{
"cve": "CVE-2022-21293",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21293"
},
{
"cve": "CVE-2022-21294",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21294"
},
{
"cve": "CVE-2022-21296",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21296"
},
{
"cve": "CVE-2022-21298",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21298"
},
{
"cve": "CVE-2022-21299",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21299"
},
{
"cve": "CVE-2022-21305",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21305"
},
{
"cve": "CVE-2022-21340",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21340"
},
{
"cve": "CVE-2022-21341",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21341"
},
{
"cve": "CVE-2022-21349",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21349"
},
{
"cve": "CVE-2022-21360",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21360"
},
{
"cve": "CVE-2022-21365",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21365"
},
{
"cve": "CVE-2022-21375",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21375"
},
{
"cve": "CVE-2022-21384",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21384"
},
{
"cve": "CVE-2022-21416",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21416"
},
{
"cve": "CVE-2022-21446",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21446"
},
{
"cve": "CVE-2022-21461",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21461"
},
{
"cve": "CVE-2022-21463",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21463"
},
{
"cve": "CVE-2022-21493",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21493"
},
{
"cve": "CVE-2022-21494",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21494"
},
{
"cve": "CVE-2022-21712",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21712"
},
{
"cve": "CVE-2022-21716",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21716"
},
{
"cve": "CVE-2022-21824",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-21824"
},
{
"cve": "CVE-2022-22719",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22719"
},
{
"cve": "CVE-2022-22720",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22720"
},
{
"cve": "CVE-2022-22721",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22721"
},
{
"cve": "CVE-2022-22737",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22737"
},
{
"cve": "CVE-2022-22738",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22738"
},
{
"cve": "CVE-2022-22739",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22739"
},
{
"cve": "CVE-2022-22740",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22740"
},
{
"cve": "CVE-2022-22741",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22741"
},
{
"cve": "CVE-2022-22742",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22742"
},
{
"cve": "CVE-2022-22743",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22743"
},
{
"cve": "CVE-2022-22744",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22744"
},
{
"cve": "CVE-2022-22745",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22745"
},
{
"cve": "CVE-2022-22746",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22746"
},
{
"cve": "CVE-2022-22747",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22747"
},
{
"cve": "CVE-2022-22748",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22748"
},
{
"cve": "CVE-2022-22751",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22751"
},
{
"cve": "CVE-2022-22753",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22753"
},
{
"cve": "CVE-2022-22754",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22754"
},
{
"cve": "CVE-2022-22756",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22756"
},
{
"cve": "CVE-2022-22759",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22759"
},
{
"cve": "CVE-2022-22760",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22760"
},
{
"cve": "CVE-2022-22761",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22761"
},
{
"cve": "CVE-2022-22763",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22763"
},
{
"cve": "CVE-2022-22764",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22764"
},
{
"cve": "CVE-2022-22815",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22815"
},
{
"cve": "CVE-2022-22816",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22816"
},
{
"cve": "CVE-2022-22817",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22817"
},
{
"cve": "CVE-2022-22818",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22818"
},
{
"cve": "CVE-2022-22822",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22822"
},
{
"cve": "CVE-2022-22823",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22823"
},
{
"cve": "CVE-2022-22824",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22824"
},
{
"cve": "CVE-2022-22825",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22825"
},
{
"cve": "CVE-2022-22826",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22826"
},
{
"cve": "CVE-2022-22827",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-22827"
},
{
"cve": "CVE-2022-23181",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-23181"
},
{
"cve": "CVE-2022-23833",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-23833"
},
{
"cve": "CVE-2022-23852",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-23852"
},
{
"cve": "CVE-2022-23943",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-23943"
},
{
"cve": "CVE-2022-23990",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-23990"
},
{
"cve": "CVE-2022-24407",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-24407"
},
{
"cve": "CVE-2022-25235",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-25235"
},
{
"cve": "CVE-2022-25236",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-25236"
},
{
"cve": "CVE-2022-25313",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-25313"
},
{
"cve": "CVE-2022-25314",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-25314"
},
{
"cve": "CVE-2022-25315",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-25315"
},
{
"cve": "CVE-2022-26381",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-26381"
},
{
"cve": "CVE-2022-26383",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-26383"
},
{
"cve": "CVE-2022-26384",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-26384"
},
{
"cve": "CVE-2022-26386",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-26386"
},
{
"cve": "CVE-2022-26387",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-26387"
},
{
"cve": "CVE-2022-26485",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-26485"
},
{
"cve": "CVE-2022-26486",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T015632",
"T002977"
]
},
"release_date": "2022-06-21T22:00:00.000+00:00",
"title": "CVE-2022-26486"
}
]
}
wid-sec-w-2022-0302
Vulnerability from csaf_certbund
Published
2022-06-14 22:00
Modified
2023-04-03 22:00
Summary
Xerox FreeFlow Print Server: Mehrere Schwachstellen ermöglichen Ausführen von beliebigem Programmcode mit Administratorrechten
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "FreeFlow-Druckserver ist eine Druckserveranwendung f\u00fcr Xerox-Produktionsdrucker, die Flexibilit\u00e4t, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0302 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0302.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0302 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0302"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX23-005 vom 2023-04-04",
"url": "https://security.business.xerox.com/wp-content/uploads/2023/04/Xerox-Security-Bulletin-XRX23-005-Xerox%25C2%25AE-FreeFlow%25C2%25AE-Print-Server-v9.pdf"
},
{
"category": "external",
"summary": "Xerox Security Bulletin XRX22-015",
"url": "https://security.business.xerox.com/wp-content/uploads/2022/06/Xerox-Security-Bulletin-XRX22-015-FreeFlow-Print-Server-v7.pdf"
},
{
"category": "external",
"summary": "Xerox Security Bulletin XRX22-013 vom 2022-06-14",
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2022/06/Xerox-Security-Bulletin-XRX22-013-FreeFlow-Print-Server-v9.pdf"
},
{
"category": "external",
"summary": "Xerox Security Bulletin XRX22-012 vom 2022-06-14",
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2022/06/Xerox-Security-Bulletin-XRX22-012-FreeFlow-Printer.pdf"
}
],
"source_lang": "en-US",
"title": "Xerox FreeFlow Print Server: Mehrere Schwachstellen erm\u00f6glichen Ausf\u00fchren von beliebigem Programmcode mit Administratorrechten",
"tracking": {
"current_release_date": "2023-04-03T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:27:55.136+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-0302",
"initial_release_date": "2022-06-14T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-06-14T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-06-21T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von XEROX aufgenommen"
},
{
"date": "2023-04-03T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von XEROX aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Xerox FreeFlow Print Server 7",
"product": {
"name": "Xerox FreeFlow Print Server 7",
"product_id": "T000872",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:7"
}
}
},
{
"category": "product_name",
"name": "Xerox FreeFlow Print Server 9",
"product": {
"name": "Xerox FreeFlow Print Server 9",
"product_id": "T002977",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:9"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-2124",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2016-2124"
},
{
"cve": "CVE-2019-14822",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2019-14822"
},
{
"cve": "CVE-2019-19906",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2019-19906"
},
{
"cve": "CVE-2020-15250",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2020-15250"
},
{
"cve": "CVE-2020-17049",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2020-17049"
},
{
"cve": "CVE-2020-25717",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2020-25717"
},
{
"cve": "CVE-2020-25718",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2020-25718"
},
{
"cve": "CVE-2020-25719",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2020-25719"
},
{
"cve": "CVE-2020-25721",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2020-25721"
},
{
"cve": "CVE-2020-25722",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2020-25722"
},
{
"cve": "CVE-2020-9484",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2020-9484"
},
{
"cve": "CVE-2021-21707",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-21707"
},
{
"cve": "CVE-2021-22926",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-22926"
},
{
"cve": "CVE-2021-23192",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-23192"
},
{
"cve": "CVE-2021-27815",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-27815"
},
{
"cve": "CVE-2021-30846",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-30846"
},
{
"cve": "CVE-2021-30848",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-30848"
},
{
"cve": "CVE-2021-30849",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-30849"
},
{
"cve": "CVE-2021-30851",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-30851"
},
{
"cve": "CVE-2021-30858",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-30858"
},
{
"cve": "CVE-2021-33430",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-33430"
},
{
"cve": "CVE-2021-34141",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-34141"
},
{
"cve": "CVE-2021-35604",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-35604"
},
{
"cve": "CVE-2021-35624",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-35624"
},
{
"cve": "CVE-2021-3572",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3572"
},
{
"cve": "CVE-2021-3711",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3711"
},
{
"cve": "CVE-2021-3733",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3733"
},
{
"cve": "CVE-2021-3737",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3737"
},
{
"cve": "CVE-2021-3738",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3738"
},
{
"cve": "CVE-2021-3770",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3770"
},
{
"cve": "CVE-2021-3778",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3778"
},
{
"cve": "CVE-2021-3796",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3796"
},
{
"cve": "CVE-2021-38115",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-38115"
},
{
"cve": "CVE-2021-3872",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3872"
},
{
"cve": "CVE-2021-3875",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3875"
},
{
"cve": "CVE-2021-3903",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3903"
},
{
"cve": "CVE-2021-39212",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-39212"
},
{
"cve": "CVE-2021-39272",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-39272"
},
{
"cve": "CVE-2021-3928",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3928"
},
{
"cve": "CVE-2021-3968",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3968"
},
{
"cve": "CVE-2021-3973",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3973"
},
{
"cve": "CVE-2021-3974",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3974"
},
{
"cve": "CVE-2021-3984",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-3984"
},
{
"cve": "CVE-2021-39920",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-39920"
},
{
"cve": "CVE-2021-39921",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-39921"
},
{
"cve": "CVE-2021-39922",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-39922"
},
{
"cve": "CVE-2021-39923",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-39923"
},
{
"cve": "CVE-2021-39924",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-39924"
},
{
"cve": "CVE-2021-39925",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-39925"
},
{
"cve": "CVE-2021-39926",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-39926"
},
{
"cve": "CVE-2021-39928",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-39928"
},
{
"cve": "CVE-2021-39929",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-39929"
},
{
"cve": "CVE-2021-4008",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-4008"
},
{
"cve": "CVE-2021-4009",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-4009"
},
{
"cve": "CVE-2021-4010",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-4010"
},
{
"cve": "CVE-2021-4011",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-4011"
},
{
"cve": "CVE-2021-40145",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-40145"
},
{
"cve": "CVE-2021-4019",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-4019"
},
{
"cve": "CVE-2021-4034",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-4034"
},
{
"cve": "CVE-2021-4069",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-4069"
},
{
"cve": "CVE-2021-40812",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-40812"
},
{
"cve": "CVE-2021-41133",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-41133"
},
{
"cve": "CVE-2021-4140",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-4140"
},
{
"cve": "CVE-2021-41495",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-41495"
},
{
"cve": "CVE-2021-41496",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-41496"
},
{
"cve": "CVE-2021-4160",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-4160"
},
{
"cve": "CVE-2021-4181",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-4181"
},
{
"cve": "CVE-2021-41817",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-41817"
},
{
"cve": "CVE-2021-41819",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-41819"
},
{
"cve": "CVE-2021-4182",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-4182"
},
{
"cve": "CVE-2021-4183",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-4183"
},
{
"cve": "CVE-2021-4184",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-4184"
},
{
"cve": "CVE-2021-4185",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-4185"
},
{
"cve": "CVE-2021-42717",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-42717"
},
{
"cve": "CVE-2021-42762",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-42762"
},
{
"cve": "CVE-2021-43331",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43331"
},
{
"cve": "CVE-2021-43332",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43332"
},
{
"cve": "CVE-2021-43395",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43395"
},
{
"cve": "CVE-2021-43527",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43527"
},
{
"cve": "CVE-2021-43528",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43528"
},
{
"cve": "CVE-2021-43536",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43536"
},
{
"cve": "CVE-2021-43537",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43537"
},
{
"cve": "CVE-2021-43538",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43538"
},
{
"cve": "CVE-2021-43539",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43539"
},
{
"cve": "CVE-2021-43541",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43541"
},
{
"cve": "CVE-2021-43542",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43542"
},
{
"cve": "CVE-2021-43543",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43543"
},
{
"cve": "CVE-2021-43545",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43545"
},
{
"cve": "CVE-2021-43546",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43546"
},
{
"cve": "CVE-2021-43566",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43566"
},
{
"cve": "CVE-2021-43818",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-43818"
},
{
"cve": "CVE-2021-44142",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-44142"
},
{
"cve": "CVE-2021-44224",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-44224"
},
{
"cve": "CVE-2021-44227",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-44227"
},
{
"cve": "CVE-2021-44420",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-44420"
},
{
"cve": "CVE-2021-44531",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-44531"
},
{
"cve": "CVE-2021-44532",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-44532"
},
{
"cve": "CVE-2021-44533",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-44533"
},
{
"cve": "CVE-2021-44540",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-44540"
},
{
"cve": "CVE-2021-44541",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-44541"
},
{
"cve": "CVE-2021-44542",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-44542"
},
{
"cve": "CVE-2021-44543",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-44543"
},
{
"cve": "CVE-2021-44790",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-44790"
},
{
"cve": "CVE-2021-45078",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-45078"
},
{
"cve": "CVE-2021-45115",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-45115"
},
{
"cve": "CVE-2021-45116",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-45116"
},
{
"cve": "CVE-2021-45452",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-45452"
},
{
"cve": "CVE-2021-45960",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-45960"
},
{
"cve": "CVE-2021-46143",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2021-46143"
},
{
"cve": "CVE-2022-0336",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-0336"
},
{
"cve": "CVE-2022-0391",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-0391"
},
{
"cve": "CVE-2022-0566",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-0566"
},
{
"cve": "CVE-2022-0581",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-0581"
},
{
"cve": "CVE-2022-0582",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-0582"
},
{
"cve": "CVE-2022-0583",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-0583"
},
{
"cve": "CVE-2022-0585",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-0585"
},
{
"cve": "CVE-2022-0586",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-0586"
},
{
"cve": "CVE-2022-0778",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-21248",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21248"
},
{
"cve": "CVE-2022-21263",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21263"
},
{
"cve": "CVE-2022-21271",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21271"
},
{
"cve": "CVE-2022-21282",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21282"
},
{
"cve": "CVE-2022-21291",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21291"
},
{
"cve": "CVE-2022-21293",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21293"
},
{
"cve": "CVE-2022-21294",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21294"
},
{
"cve": "CVE-2022-21296",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21296"
},
{
"cve": "CVE-2022-21298",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21298"
},
{
"cve": "CVE-2022-21299",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21299"
},
{
"cve": "CVE-2022-21305",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21305"
},
{
"cve": "CVE-2022-21340",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21340"
},
{
"cve": "CVE-2022-21341",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21341"
},
{
"cve": "CVE-2022-21349",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21349"
},
{
"cve": "CVE-2022-21360",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21360"
},
{
"cve": "CVE-2022-21365",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21365"
},
{
"cve": "CVE-2022-21375",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21375"
},
{
"cve": "CVE-2022-21384",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21384"
},
{
"cve": "CVE-2022-21416",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21416"
},
{
"cve": "CVE-2022-21446",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21446"
},
{
"cve": "CVE-2022-21461",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21461"
},
{
"cve": "CVE-2022-21463",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21463"
},
{
"cve": "CVE-2022-21493",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21493"
},
{
"cve": "CVE-2022-21494",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21494"
},
{
"cve": "CVE-2022-21712",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21712"
},
{
"cve": "CVE-2022-21716",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21716"
},
{
"cve": "CVE-2022-21824",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-21824"
},
{
"cve": "CVE-2022-22719",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22719"
},
{
"cve": "CVE-2022-22720",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22720"
},
{
"cve": "CVE-2022-22721",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22721"
},
{
"cve": "CVE-2022-22737",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22737"
},
{
"cve": "CVE-2022-22738",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22738"
},
{
"cve": "CVE-2022-22739",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22739"
},
{
"cve": "CVE-2022-22740",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22740"
},
{
"cve": "CVE-2022-22741",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22741"
},
{
"cve": "CVE-2022-22742",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22742"
},
{
"cve": "CVE-2022-22743",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22743"
},
{
"cve": "CVE-2022-22744",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22744"
},
{
"cve": "CVE-2022-22745",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22745"
},
{
"cve": "CVE-2022-22746",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22746"
},
{
"cve": "CVE-2022-22747",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22747"
},
{
"cve": "CVE-2022-22748",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22748"
},
{
"cve": "CVE-2022-22751",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22751"
},
{
"cve": "CVE-2022-22753",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22753"
},
{
"cve": "CVE-2022-22754",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22754"
},
{
"cve": "CVE-2022-22756",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22756"
},
{
"cve": "CVE-2022-22759",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22759"
},
{
"cve": "CVE-2022-22760",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22760"
},
{
"cve": "CVE-2022-22761",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22761"
},
{
"cve": "CVE-2022-22763",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22763"
},
{
"cve": "CVE-2022-22764",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22764"
},
{
"cve": "CVE-2022-22815",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22815"
},
{
"cve": "CVE-2022-22816",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22816"
},
{
"cve": "CVE-2022-22817",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22817"
},
{
"cve": "CVE-2022-22818",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22818"
},
{
"cve": "CVE-2022-22822",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22822"
},
{
"cve": "CVE-2022-22823",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22823"
},
{
"cve": "CVE-2022-22824",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22824"
},
{
"cve": "CVE-2022-22825",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22825"
},
{
"cve": "CVE-2022-22826",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22826"
},
{
"cve": "CVE-2022-22827",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-22827"
},
{
"cve": "CVE-2022-23181",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-23181"
},
{
"cve": "CVE-2022-23833",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-23833"
},
{
"cve": "CVE-2022-23852",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-23852"
},
{
"cve": "CVE-2022-23943",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-23943"
},
{
"cve": "CVE-2022-23990",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-23990"
},
{
"cve": "CVE-2022-24407",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-24407"
},
{
"cve": "CVE-2022-25235",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-25235"
},
{
"cve": "CVE-2022-25236",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-25236"
},
{
"cve": "CVE-2022-25313",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-25313"
},
{
"cve": "CVE-2022-25314",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-25314"
},
{
"cve": "CVE-2022-25315",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-25315"
},
{
"cve": "CVE-2022-26381",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-26381"
},
{
"cve": "CVE-2022-26383",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-26383"
},
{
"cve": "CVE-2022-26384",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-26384"
},
{
"cve": "CVE-2022-26386",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-26386"
},
{
"cve": "CVE-2022-26387",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-26387"
},
{
"cve": "CVE-2022-26485",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-26485"
},
{
"cve": "CVE-2022-26486",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren."
}
],
"product_status": {
"known_affected": [
"T000872",
"T002977"
]
},
"release_date": "2022-06-14T22:00:00.000+00:00",
"title": "CVE-2022-26486"
}
]
}
wid-sec-w-2022-1483
Vulnerability from csaf_certbund
Published
2022-01-25 23:00
Modified
2024-01-08 23:00
Summary
PolicyKit: Schwachstelle ermöglicht Privilegieneskalation
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
PolicyKit ist ein Berechtigungsdienst, der die Kommunikation zwischen Benutzersoftware und Systemkomponenten erlaubt, wenn die Benutzersoftware dazu berechtigt ist.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle in PolicyKit ausnutzen, um seine Privilegien zu erhöhen.
Betroffene Betriebssysteme
- UNIX
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "PolicyKit ist ein Berechtigungsdienst, der die Kommunikation zwischen Benutzersoftware und Systemkomponenten erlaubt, wenn die Benutzersoftware dazu berechtigt ist.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle in PolicyKit ausnutzen, um seine Privilegien zu erh\u00f6hen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1483 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1483.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1483 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1483"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0265 vom 2022-01-25",
"url": "https://access.redhat.com/errata/RHSA-2022:0265"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0266 vom 2022-01-25",
"url": "https://access.redhat.com/errata/RHSA-2022:0266"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0267 vom 2022-01-25",
"url": "https://access.redhat.com/errata/RHSA-2022:0267"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0268 vom 2022-01-25",
"url": "https://access.redhat.com/errata/RHSA-2022:0268"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0269 vom 2022-01-25",
"url": "https://access.redhat.com/errata/RHSA-2022:0269"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0270 vom 2022-01-25",
"url": "https://access.redhat.com/errata/RHSA-2022:0270"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0271 vom 2022-01-25",
"url": "https://access.redhat.com/errata/RHSA-2022:0271"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0272 vom 2022-01-25",
"url": "https://access.redhat.com/errata/RHSA-2022:0272"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0273 vom 2022-01-25",
"url": "https://access.redhat.com/errata/RHSA-2022:0273"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0274 vom 2022-01-25",
"url": "https://access.redhat.com/errata/RHSA-2022:0274"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-0274 vom 2022-01-25",
"url": "http://linux.oracle.com/errata/ELSA-2022-0274.html"
},
{
"category": "external",
"summary": "Debian Security Advisory vom 2022-01-25",
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00026.html"
},
{
"category": "external",
"summary": "SUSE Linux Security Update vom 2022-01-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-January/010074.html"
},
{
"category": "external",
"summary": "SUSE Linux Security Update vom 2022-01-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-January/010075.html"
},
{
"category": "external",
"summary": "SUSE Linux Security Update vom 2022-01-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-January/010076.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5252-1 vom 2022-01-25",
"url": "https://ubuntu.com/security/notices/USN-5252-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5252-1 vom 2022-01-25",
"url": "https://ubuntu.com/security/notices/USN-5252-2"
},
{
"category": "external",
"summary": "Exploit",
"url": "https://www.bleepingcomputer.com/news/security/linux-system-service-bug-gives-root-on-all-major-distros-exploit-released/"
},
{
"category": "external",
"summary": "Qualys Advisory CVE-2021-4034 vom 2022-01-25",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2022:0274 vom 2022-01-26",
"url": "https://lists.centos.org/pipermail/centos-announce/2022-January/073552.html"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202201-01 vom 2022-01-27",
"url": "https://security.gentoo.org/glsa/202201-01"
},
{
"category": "external",
"summary": "IGEL Security Notice ISN-2022-01 vom 2022-01-27",
"url": "https://kb.igel.com/securitysafety/en/isn-2022-01-polkit-escalation-of-privilege-54093876.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-1745 vom 2022-01-27",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1745.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-016 vom 2022-01-27",
"url": "https://alas.aws.amazon.com/AL2022/ALAS-2022-016.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9073 vom 2022-01-28",
"url": "http://linux.oracle.com/errata/ELSA-2022-9073.html"
},
{
"category": "external",
"summary": "Aruba Product Security Advisory",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-003.txt"
},
{
"category": "external",
"summary": "Extreme Networks Security Advisory",
"url": "https://extremeportal.force.com/ExtrArticleDetail?an=000102362"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-010 vom 2021-01-31",
"url": "https://downloads.avaya.com/css/P8/documents/101080366"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-007 vom 2021-01-31",
"url": "https://downloads.avaya.com/css/P8/documents/101080315"
},
{
"category": "external",
"summary": "Unify Security Advisory Report",
"url": "https://networks.unify.com/security/advisories/OBSO-2202-01.pdf"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0443 vom 2022-02-08",
"url": "https://access.redhat.com/errata/RHSA-2022:0443"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0540 vom 2022-02-15",
"url": "https://access.redhat.com/errata/RHSA-2022:0540"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2022-0006 vom 2022-02-17",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2022-February/001046.html"
},
{
"category": "external",
"summary": "HPE Security Bulletin",
"url": "https://support.hpe.com/hpesc/public/docDisplay?elq_mid=17739\u0026elq_cid=62517953\u0026docId=hpesbnw04237en_us"
},
{
"category": "external",
"summary": "HPE Security Bulletin",
"url": "https://support.hpe.com/hpesc/public/docDisplay?elq_mid=17739\u0026elq_cid=67018031\u0026docId=hpesbnw04237en_us"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-202204-2 vom 2022-04-05",
"url": "https://security.archlinux.org/ASA-202204-2"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6621599 vom 2022-09-21",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-maximo-asset-management-is-vulnerable-to-authentication-bypass-cve-2022-40616/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9999 vom 2022-11-16",
"url": "http://linux.oracle.com/errata/ELSA-2022-9999.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-220 vom 2022-12-09",
"url": "https://alas.aws.amazon.com/AL2022/ALAS-2022-220.html"
},
{
"category": "external",
"summary": "ExtremeNetworks Vulnerability Notice SA-2022-001 vom 2024-01-09",
"url": "https://extreme-networks.my.site.com/ExtrArticleDetail?an=000102362"
}
],
"source_lang": "en-US",
"title": "PolicyKit: Schwachstelle erm\u00f6glicht Privilegieneskalation",
"tracking": {
"current_release_date": "2024-01-08T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:35:29.086+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-1483",
"initial_release_date": "2022-01-25T23:00:00.000+00:00",
"revision_history": [
{
"date": "2022-01-25T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-01-26T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von CentOS aufgenommen"
},
{
"date": "2022-01-27T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Gentoo, IGEL und Amazon aufgenommen"
},
{
"date": "2022-01-30T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-02-01T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Aruba aufgenommen"
},
{
"date": "2022-02-02T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Unify, ExtremeNetworks und AVAYA aufgenommen"
},
{
"date": "2022-02-07T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-02-15T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-02-16T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2022-02-24T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2022-03-03T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2022-04-04T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Arch Linux aufgenommen"
},
{
"date": "2022-09-20T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-11-16T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-12-11T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-01-08T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von ExtremeNetworks aufgenommen"
}
],
"status": "final",
"version": "16"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Aruba ArubaOS",
"product": {
"name": "Aruba ArubaOS",
"product_id": "T021926",
"product_identification_helper": {
"cpe": "cpe:/o:arubanetworks:arubaos:-"
}
}
},
{
"category": "product_name",
"name": "Aruba ClearPass",
"product": {
"name": "Aruba ClearPass",
"product_id": "T022183",
"product_identification_helper": {
"cpe": "cpe:/a:arubanetworks:clearpass:-"
}
}
},
{
"category": "product_name",
"name": "Aruba ClearPass Policy Manager",
"product": {
"name": "Aruba ClearPass Policy Manager",
"product_id": "274506",
"product_identification_helper": {
"cpe": "cpe:/a:arubanetworks:clearpass_policy_manager:6.3.0.60730"
}
}
},
{
"category": "product_name",
"name": "Aruba Switch",
"product": {
"name": "Aruba Switch",
"product_id": "T016786",
"product_identification_helper": {
"cpe": "cpe:/h:arubanetworks:switch:-"
}
}
}
],
"category": "vendor",
"name": "Aruba"
},
{
"branches": [
{
"category": "product_name",
"name": "Avaya Aura Application Enablement Services",
"product": {
"name": "Avaya Aura Application Enablement Services",
"product_id": "T015516",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Communication Manager",
"product": {
"name": "Avaya Aura Communication Manager",
"product_id": "T015126",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:communication_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Experience Portal",
"product": {
"name": "Avaya Aura Experience Portal",
"product_id": "T015519",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_experience_portal:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Session Manager",
"product": {
"name": "Avaya Aura Session Manager",
"product_id": "T015127",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:session_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura System Manager",
"product": {
"name": "Avaya Aura System Manager",
"product_id": "T015518",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_system_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Web License Manager",
"product": {
"name": "Avaya Web License Manager",
"product_id": "T016243",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:web_license_manager:-"
}
}
}
],
"category": "vendor",
"name": "Avaya"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
},
{
"category": "product_name",
"name": "Debian Linux 9",
"product": {
"name": "Debian Linux 9",
"product_id": "T021835",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:9"
}
}
}
],
"category": "product_name",
"name": "Linux"
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Extreme Networks Extreme Management Center",
"product": {
"name": "Extreme Networks Extreme Management Center",
"product_id": "T020453",
"product_identification_helper": {
"cpe": "cpe:/a:extremenetworks:netsight:-"
}
}
},
{
"category": "product_name",
"name": "Extreme Networks HiveManager Classic On-Premises \u003c XIQ",
"product": {
"name": "Extreme Networks HiveManager Classic On-Premises \u003c XIQ",
"product_id": "T031896",
"product_identification_helper": {
"cpe": "cpe:/a:extremenetworks:hivemanager:xiq::classic_on-premises"
}
}
}
],
"category": "vendor",
"name": "Extreme Networks"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM Maximo Asset Management",
"product": {
"name": "IBM Maximo Asset Management",
"product_id": "T024664",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:maximo_asset_management:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "IGEL OS",
"product": {
"name": "IGEL OS",
"product_id": "T017865",
"product_identification_helper": {
"cpe": "cpe:/o:igel:os:-"
}
}
}
],
"category": "vendor",
"name": "IGEL"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Arch Linux",
"product": {
"name": "Open Source Arch Linux",
"product_id": "T013312",
"product_identification_helper": {
"cpe": "cpe:/o:archlinux:archlinux:-"
}
}
},
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"category": "product_name",
"name": "Open Source PolicyKit",
"product": {
"name": "Open Source PolicyKit",
"product_id": "T005505",
"product_identification_helper": {
"cpe": "cpe:/a:policykit:policykit:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux 7",
"product": {
"name": "Oracle Linux 7",
"product_id": "287065",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "product_name",
"name": "Linux"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 7",
"product": {
"name": "Red Hat Enterprise Linux 7",
"product_id": "T007578",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 8.4 Extended Update Support",
"product": {
"name": "Red Hat Enterprise Linux 8.4 Extended Update Support",
"product_id": "T021022",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8.4_extended_update_support"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 8.2 Extended Update Support.",
"product": {
"name": "Red Hat Enterprise Linux 8.2 Extended Update Support.",
"product_id": "T021823",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8.2_extended_update_support."
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions",
"product": {
"name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions",
"product_id": "T021824",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8.1_update_services_for_sap_solutions"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 6 Extended Lifecycle Support",
"product": {
"name": "Red Hat Enterprise Linux 6 Extended Lifecycle Support",
"product_id": "T021825",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6_extended_lifecycle_support"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 7.3 Advanced Update Support",
"product": {
"name": "Red Hat Enterprise Linux 7.3 Advanced Update Support",
"product_id": "T021826",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7.3_advanced_update_support"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 7.6 Advanced Update Support",
"product": {
"name": "Red Hat Enterprise Linux 7.6 Advanced Update Support",
"product_id": "T021827",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7.6_advanced_update_support"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 7.6 Telco Extended Update Support",
"product": {
"name": "Red Hat Enterprise Linux 7.6 Telco Extended Update Support",
"product_id": "T021828",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7.6_telco_extended_update_support"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions",
"product": {
"name": "Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions",
"product_id": "T021829",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7.6_update_services_for_sap_solutions"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 7.4 Advanced Update Support",
"product": {
"name": "Red Hat Enterprise Linux 7.4 Advanced Update Support",
"product_id": "T021830",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7.4_advanced_update_support"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
"product": {
"name": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
"product_id": "T021831",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7.7_advanced_update_support"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 7.7 Telco Extended Update Support",
"product": {
"name": "Red Hat Enterprise Linux 7.7 Telco Extended Update Support",
"product_id": "T021832",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7.7_telco_extended_update_support"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions",
"product": {
"name": "Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions",
"product_id": "T021833",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7.7_update_services_for_sap_solutions"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12",
"product": {
"name": "SUSE Linux Enterprise Server 12",
"product_id": "T021836",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:enterprise_server_12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP 12",
"product_id": "T021837",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:enterprise_server_for_sap_12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12",
"product_id": "T021838",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:enterprise_software_development_kit_12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12",
"product_id": "T021839",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:enterprise_workstation_extension_12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15",
"product": {
"name": "SUSE Linux Enterprise Server 15",
"product_id": "T021840",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:enterprise_server_15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP 15",
"product": {
"name": "SUSE Linux Enterprise Server for SAP 15",
"product_id": "T021842",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:enterprise_server_for_sap_15"
}
}
}
],
"category": "product_name",
"name": "Linux"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server 4.1",
"product_id": "T021843",
"product_identification_helper": {
"cpe": "cpe:/a:suse:manager:server_4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server 4.1",
"product_id": "T021844",
"product_identification_helper": {
"cpe": "cpe:/a:suse:manager:retail_branch_server_4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy 4.1",
"product_id": "T021845",
"product_identification_helper": {
"cpe": "cpe:/a:suse:manager:proxy_4.1"
}
}
}
],
"category": "product_name",
"name": "Manager"
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux 18.04",
"product": {
"name": "Ubuntu Linux 18.04",
"product_id": "353835",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:18.04"
}
}
},
{
"category": "product_name",
"name": "Ubuntu Linux 20.04",
"product": {
"name": "Ubuntu Linux 20.04",
"product_id": "T019179",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:20.04"
}
}
},
{
"category": "product_name",
"name": "Ubuntu Linux 14.04 ESM",
"product": {
"name": "Ubuntu Linux 14.04 ESM",
"product_id": "T021846",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:14.04_esm"
}
}
},
{
"category": "product_name",
"name": "Ubuntu Linux 16.04 ESM",
"product": {
"name": "Ubuntu Linux 16.04 ESM",
"product_id": "T021847",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:16.04_esm"
}
}
},
{
"category": "product_name",
"name": "Ubuntu Linux 21.10",
"product": {
"name": "Ubuntu Linux 21.10",
"product_id": "T021848",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:21.10"
}
}
}
],
"category": "product_name",
"name": "Linux"
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"category": "product_name",
"name": "Unify OpenScape Voice",
"product": {
"name": "Unify OpenScape Voice",
"product_id": "T008873",
"product_identification_helper": {
"cpe": "cpe:/a:unify:openscape_voice:-"
}
}
},
{
"category": "product_name",
"name": "Unify OpenScape Xpert Clients",
"product": {
"name": "Unify OpenScape Xpert Clients",
"product_id": "T021945",
"product_identification_helper": {
"cpe": "cpe:/h:unify:openscape_xpert:::client"
}
}
}
],
"category": "vendor",
"name": "Unify"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4034",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in PolicyKit (polkit) im \"pkexec\" Dienstprogramm aufgrund eines Out-of-bound write und eines Out-of-bounds read. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien auf \"root\" zu erweitern."
}
],
"product_status": {
"known_affected": [
"T008873",
"T031896",
"T015127",
"T021926",
"T015126",
"T021848",
"T021847",
"T004914",
"T019179",
"398363",
"T022183",
"287065",
"T007578",
"T015519",
"T015518",
"T015516",
"T012167",
"T016243",
"T020453",
"2951",
"T021824",
"T021945",
"T021823",
"T021022",
"T005505",
"T021828",
"T021827",
"T021826",
"T021825",
"T021829",
"T021831",
"T021830",
"T021835",
"T021833",
"T021832",
"T024664",
"353835",
"T013312",
"T021839",
"T021838",
"T021837",
"T016786",
"T021836",
"T021842",
"T021840",
"T021846",
"T017865",
"T021845",
"T021844",
"T021843",
"1727",
"274506"
]
},
"release_date": "2022-01-25T23:00:00.000+00:00",
"title": "CVE-2021-4034"
}
]
}
wid-sec-w-2023-0426
Vulnerability from csaf_certbund
Published
2022-03-13 23:00
Modified
2023-02-19 23:00
Summary
IBM Spectrum Protect: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Spectrum Protect ist eine zentralisierte Backuplösung für Systeme im Netzwerk.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect ausnutzen, um einen 'Denial of Service'-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, einen 'Cross-Site-Scripting'-Angriff durchzuführen, beliebigen Code auszuführen, sensible Informationen offenzulegen und seine Privilegien zu erweitern.
Betroffene Betriebssysteme
- Linux
- Windows
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Spectrum Protect ist eine zentralisierte Backupl\u00f6sung f\u00fcr Systeme im Netzwerk.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, sensible Informationen offenzulegen und seine Privilegien zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0426 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0426.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0426 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0426"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6956658 vom 2023-02-18",
"url": "https://www.ibm.com/support/pages/node/6956658"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562989"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562383"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562855"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562401"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562919"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562873"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562843"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-03-13",
"url": "https://www.ibm.com/support/pages/node/6562405"
}
],
"source_lang": "en-US",
"title": "IBM Spectrum Protect: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-02-19T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:44:02.670+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0426",
"initial_release_date": "2022-03-13T23:00:00.000+00:00",
"revision_history": [
{
"date": "2022-03-13T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-02-19T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Maximo Asset Management 7.6.1.2",
"product": {
"name": "IBM Maximo Asset Management 7.6.1.2",
"product_id": "T026420",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.2"
}
}
},
{
"category": "product_name",
"name": "IBM Maximo Asset Management 7.6.1.3",
"product": {
"name": "IBM Maximo Asset Management 7.6.1.3",
"product_id": "T026421",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.3"
}
}
}
],
"category": "product_name",
"name": "Maximo Asset Management"
},
{
"category": "product_name",
"name": "IBM Spectrum Protect",
"product": {
"name": "IBM Spectrum Protect",
"product_id": "T013661",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-20373",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-20373"
},
{
"cve": "CVE-2021-23222",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-23222"
},
{
"cve": "CVE-2021-23727",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-23727"
},
{
"cve": "CVE-2021-29678",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-29678"
},
{
"cve": "CVE-2021-33026",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-33026"
},
{
"cve": "CVE-2021-35517",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-35517"
},
{
"cve": "CVE-2021-35578",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-35578"
},
{
"cve": "CVE-2021-36090",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-36090"
},
{
"cve": "CVE-2021-38926",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-38926"
},
{
"cve": "CVE-2021-38931",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-38931"
},
{
"cve": "CVE-2021-39002",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-39002"
},
{
"cve": "CVE-2021-4034",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-4034"
},
{
"cve": "CVE-2021-41617",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-41617"
},
{
"cve": "CVE-2021-44716",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-44716"
},
{
"cve": "CVE-2021-44717",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2021-44717"
},
{
"cve": "CVE-2022-0235",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-0235"
},
{
"cve": "CVE-2022-0391",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-0391"
},
{
"cve": "CVE-2022-21680",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-21680"
},
{
"cve": "CVE-2022-21681",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-21681"
},
{
"cve": "CVE-2022-22346",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-22346"
},
{
"cve": "CVE-2022-22348",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-22348"
},
{
"cve": "CVE-2022-22354",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-22354"
},
{
"cve": "CVE-2022-23772",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-23772"
},
{
"cve": "CVE-2022-23773",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-23773"
},
{
"cve": "CVE-2022-23806",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten PostgreSQL, Apache Commons Compress, Operations Center, Celery, Golang Go, Python, Db2, Java SE, Polkit, Node.js, OpenSSH und Flask. Ein entfernter anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen \u0027Denial of Service\u0027-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen \u0027Cross-Site-Scripting\u0027-Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T013661",
"T026421",
"T026420"
]
},
"release_date": "2022-03-13T23:00:00.000+00:00",
"title": "CVE-2022-23806"
}
]
}
gsd-2021-4034
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
Aliases
Aliases
{
"GSD": {
"affected_component": "pkexec",
"alias": "CVE-2021-4034",
"attack_vector": "local",
"credit": "",
"description": "To quote the Qualys Research Team: has discovered a memory corruption vulnerability in polkit\u2019s pkexec, a SUID-root program that is installed by default on every major Linux distribution. This easily exploited vulnerability allows any unprivileged user to gain full root privileges on a vulnerable host by exploiting this vulnerability in its default configuration.\n\n# Workaround\n\nchmod 0755 /usr/bin/pkexec",
"extended_references": [
{
"note": "introduced",
"type": "commit",
"value": "c8c3d835d24fc4ce5a9c596c7d55d85a0311e8d1"
},
{
"note": "fixed",
"type": "commit",
"value": "a2bf5c9c83b6ae46cbd5c779d3055bff81ded683"
}
],
"id": "GSD-2021-4034",
"impact": "local code execution as root",
"notes": "",
"product_name": "Polkit",
"product_version": "all versions prior to commit a2bf5c9c83b6ae46cbd5c779d3055bff81ded683",
"references": [
"https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034",
"https://gitlab.freedesktop.org/polkit/polkit/-/commit/c8c3d835d24fc4ce5a9c596c7d55d85a0311e8d1",
"https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683",
"https://ryiron.wordpress.com/2013/12/16/argv-silliness/",
"https://pythonrepo.com/repo/joeammond-CVE-2021-4034",
"https://github.com/berdav/CVE-2021-4034",
"https://github.com/arthepsy/CVE-2021-4034",
"https://github.com/joeammond/CVE-2021-4034",
"https://packetstormsecurity.com/files/165728/cve-2021-4043-poc.c",
"https://security-tracker.debian.org/tracker/CVE-2021-4034",
"https://access.redhat.com/security/cve/CVE-2021-4034",
"https://blog.cloudlinux.com/cve-2021-4034-cloudlinux-os-7-7-hybrid-and-8-updated",
"https://www.suse.com/security/cve/CVE-2021-4034.html",
"https://www.debian.org/security/2022/dsa-5059",
"https://access.redhat.com/errata/RHSA-2022:0540",
"https://access.redhat.com/errata/RHSA-2022:0443",
"https://access.redhat.com/errata/RHSA-2022:0274",
"https://access.redhat.com/errata/RHSA-2022:0273",
"https://access.redhat.com/errata/RHSA-2022:0272",
"https://access.redhat.com/errata/RHSA-2022:0271",
"https://access.redhat.com/errata/RHSA-2022:0270",
"https://access.redhat.com/errata/RHSA-2022:0269",
"https://access.redhat.com/errata/RHSA-2022:0268",
"https://access.redhat.com/errata/RHSA-2022:0267",
"https://access.redhat.com/errata/RHSA-2022:0266",
"https://access.redhat.com/errata/RHSA-2022:0265",
"https://ubuntu.com/security/CVE-2021-4034",
"https://advisories.mageia.org/CVE-2021-4034.html",
"https://security.archlinux.org/CVE-2021-4034",
"https://linux.oracle.com/cve/CVE-2021-4034.html",
"https://packetstormsecurity.com/files/cve/CVE-2021-4034"
],
"reporter": "kurtseifried",
"reporter_id": 582211,
"vendor_name": "Polkit",
"vulnerability_type": "unspecified"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-4034"
],
"details": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
"id": "GSD-2021-4034",
"modified": "2023-12-13T01:23:11.709043Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-4034",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "polkit",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-787",
"lang": "eng",
"value": "(CWE-787|CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"refsource": "MISC",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"name": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"refsource": "MISC",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"name": "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683",
"refsource": "MISC",
"url": "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html"
},
{
"name": "http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html"
},
{
"name": "https://www.suse.com/support/kb/doc/?id=000020564",
"refsource": "MISC",
"url": "https://www.suse.com/support/kb/doc/?id=000020564"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf"
},
{
"name": "https://www.starwindsoftware.com/security/sw-20220818-0001/",
"refsource": "MISC",
"url": "https://www.starwindsoftware.com/security/sw-20220818-0001/"
},
{
"name": "https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/",
"refsource": "MISC",
"url": "https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:polkit_project:polkit:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "121",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:15:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:enterprise_storage:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:manager_proxy:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:*:-:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:*:sap:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:sinumerik_edge:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build14338:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:starwindsoftware:starwind_hyperconverged_appliance:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:starwindsoftware:command_center:1.0:update3_build5871:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-4034"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A local privilege escalation vulnerability was found on polkit\u0027s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"refsource": "MISC",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"refsource": "MISC",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"name": "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683"
},
{
"name": "http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html"
},
{
"name": "http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html"
},
{
"name": "https://www.suse.com/support/kb/doc/?id=000020564",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/support/kb/doc/?id=000020564"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf"
},
{
"name": "https://www.starwindsoftware.com/security/sw-20220818-0001/",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://www.starwindsoftware.com/security/sw-20220818-0001/"
},
{
"name": "https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/",
"refsource": "MISC",
"tags": [],
"url": "https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-10-18T01:15Z",
"publishedDate": "2022-01-28T20:15Z"
}
}
}
sca-2022-0002
Vulnerability from csaf_sick
Published
2022-02-23 16:00
Modified
2022-02-23 16:00
Summary
PwnKit vulnerability affects multiple SICK IPCs
Notes
CVE-2021-4034 is a Local Privilege Escalation (LPE) vulnerability, located in the "Polkit" package
installed by default on almost every major distribution of the Linux operating system.
On 2022-01-25, Qualys released an advisory for this LPE vulnerability, advising to either update the “Polkit” package or implement the mitigation that Qualys recommends.
In an air-gapped system SICK recommends all customers to implement at least the available mitigation for the corresponding Linux distribution. Please note, that this vulnerability can be exploited only if an user with unprivileged authorization can establish a connection to the systems.
General Security Measures
As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.
Vulnerability Classification
SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer’s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "en-US",
"notes": [
{
"audience": "all",
"category": "summary",
"text": "CVE-2021-4034 is a Local Privilege Escalation (LPE) vulnerability, located in the \"Polkit\" package \ninstalled by default on almost every major distribution of the Linux operating system.\n\nOn 2022-01-25, Qualys released an advisory for this LPE vulnerability, advising to either update the \u201cPolkit\u201d package or implement the mitigation that Qualys recommends.\n\nIn an air-gapped system SICK recommends all customers to implement at least the available mitigation for the corresponding Linux distribution. Please note, that this vulnerability can be exploited only if an user with unprivileged authorization can establish a connection to the systems. "
},
{
"category": "general",
"text": "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
"title": "General Security Measures"
},
{
"category": "general",
"text": "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer\u2019s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.",
"title": "Vulnerability Classification"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@sick.de",
"issuing_authority": "SICK PSIRT is responsible for any vulnerabilities related to SICK products.",
"name": "SICK PSIRT",
"namespace": "https://sick.com/psirt"
},
"references": [
{
"summary": "SICK PSIRT Security Advisories",
"url": "https://sick.com/psirt"
},
{
"summary": "SICK Operating Guidelines",
"url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF"
},
{
"summary": "ICS-CERT recommended practices on Industrial Security",
"url": "http://ics-cert.us-cert.gov/content/recommended-practices"
},
{
"summary": "CVSS v3.1 Calculator",
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"category": "self",
"summary": "The canonical URL.",
"url": "https://www.sick.com/.well-known/csaf/white/2022/sca-2022-0002.json"
}
],
"title": "PwnKit vulnerability affects multiple SICK IPCs",
"tracking": {
"current_release_date": "2022-02-23T16:00:00.000Z",
"generator": {
"date": "2023-02-10T09:01:25.481Z",
"engine": {
"name": "Secvisogram",
"version": "2.0.0"
}
},
"id": "SCA-2022-0002",
"initial_release_date": "2022-02-23T16:00:00.000Z",
"revision_history": [
{
"date": "2022-02-23T16:00:00.000Z",
"number": "1",
"summary": "Initial release"
},
{
"date": "2023-02-10T11:00:00.000Z",
"number": "2",
"summary": "Updated Advisory (only visual changes)"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC, MXE5401, M16G, 1TB, LINUX, CUSTOM all versions",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"skus": [
"1111424"
]
}
}
}
],
"category": "product_name",
"name": "PC, MXE5401, M16G, 1TB, LINUX, CUSTOM"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC, MXE5401, M16G, 2TB, C7 all versions",
"product_id": "CSAFPID-0002",
"product_identification_helper": {
"skus": [
"1099249"
]
}
}
}
],
"category": "product_name",
"name": "PC, MXE5401, M16G, 2TB, C7"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC, MXE5401, M16G, 1TB, C7 all versions",
"product_id": "CSAFPID-0003",
"product_identification_helper": {
"skus": [
"1099248"
]
}
}
}
],
"category": "product_name",
"name": "PC, MXE5401, M16G, 1TB, C7"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC, EOS1300, M16G, 1TB, C7 all versions",
"product_id": "CSAFPID-0004",
"product_identification_helper": {
"skus": [
"1092516"
]
}
}
}
],
"category": "product_name",
"name": "PC, EOS1300, M16G, 1TB, C7"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC, EOS1300, M16G, 2TB, C7 all versions",
"product_id": "CSAFPID-0005",
"product_identification_helper": {
"skus": [
"1092517"
]
}
}
}
],
"category": "product_name",
"name": "PC, EOS1300, M16G, 2TB, C7"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC, MXE-5401, SSCT, R0, 2TB all versions",
"product_id": "CSAFPID-0006",
"product_identification_helper": {
"skus": [
"2084896",
"2098056"
]
}
}
}
],
"category": "product_name",
"name": "PC, MXE-5401, SSCT, R0, 2TB"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC, MXE-5401,R0,2TB,SS-X all versions",
"product_id": "CSAFPID-0007",
"product_identification_helper": {
"skus": [
"2095232"
]
}
}
}
],
"category": "product_name",
"name": "PC, MXE-5401,R0,2TB,SS-X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC, MXE-5401,R0,2TB,UDS-X all versions",
"product_id": "CSAFPID-0008",
"product_identification_helper": {
"skus": [
"2104564"
]
}
}
}
],
"category": "product_name",
"name": "PC, MXE-5401,R0,2TB,UDS-X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC, MXE-5321, SSXT, R0, 2TB all versions",
"product_id": "CSAFPID-0009",
"product_identification_helper": {
"skus": [
"2084076"
]
}
}
}
],
"category": "product_name",
"name": "PC, MXE-5321, SSXT, R0, 2TB"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC, MXE-5321, SSAT, R0, 2TB all versions",
"product_id": "CSAFPID-0010",
"product_identification_helper": {
"skus": [
"2084077"
]
}
}
}
],
"category": "product_name",
"name": "PC, MXE-5321, SSAT, R0, 2TB"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC, MXE-5321, UDS, R0, 2TB all versions",
"product_id": "CSAFPID-0011",
"product_identification_helper": {
"skus": [
"2084078"
]
}
}
}
],
"category": "product_name",
"name": "PC, MXE-5321, UDS, R0, 2TB"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC, MXE-5401, SSAT, R0, 2TB all versions",
"product_id": "CSAFPID-0012",
"product_identification_helper": {
"skus": [
"2084897"
]
}
}
}
],
"category": "product_name",
"name": "PC, MXE-5401, SSAT, R0, 2TB"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC, MXE-5401, UDS, R0, 2TB all versions",
"product_id": "CSAFPID-0013",
"product_identification_helper": {
"skus": [
"2084898"
]
}
}
}
],
"category": "product_name",
"name": "PC, MXE-5401, UDS, R0, 2TB"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC, MXE-5401, SP, R0,2TB all versions",
"product_id": "CSAFPID-0014",
"product_identification_helper": {
"skus": [
"2099100"
]
}
}
}
],
"category": "product_name",
"name": "PC, MXE-5401, SP, R0,2TB"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC-MXE 5401, CUSTOM, C6, 1TB all versions",
"product_id": "CSAFPID-0015",
"product_identification_helper": {
"skus": [
"2056761"
]
}
}
}
],
"category": "product_name",
"name": "PC-MXE 5401, CUSTOM, C6, 1TB"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK ERGO,DISP,KIT,C6X,CUSTOM all versions",
"product_id": "CSAFPID-0016",
"product_identification_helper": {
"skus": [
"2087772"
]
}
}
}
],
"category": "product_name",
"name": "ERGO,DISP,KIT,C6X,CUSTOM"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SICK PC, K700-SE-MS4X, M16G, 1TB all versions",
"product_id": "CSAFPID-0017",
"product_identification_helper": {
"skus": [
"1122338"
]
}
}
}
],
"category": "product_name",
"name": "PC, K700-SE-MS4X, M16G, 1TB"
}
],
"category": "vendor",
"name": "SICK AG"
}
],
"full_product_names": [
{
"name": "CentOS",
"product_id": "CSAFPID-0018"
},
{
"name": "RedHat",
"product_id": "CSAFPID-0019"
},
{
"name": "Ubuntu",
"product_id": "CSAFPID-0020"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC, MXE5401, M16G, 1TB, LINUX, CUSTOM all versions (CentOS)",
"product_id": "CSAFPID-0021"
},
"product_reference": "CSAFPID-0018",
"relates_to_product_reference": "CSAFPID-0001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC, MXE5401, M16G, 2TB, C7 all versions (CentOS)",
"product_id": "CSAFPID-0022"
},
"product_reference": "CSAFPID-0018",
"relates_to_product_reference": "CSAFPID-0002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC, MXE5401, M16G, 1TB, C7 all versions (CentOS)",
"product_id": "CSAFPID-0023"
},
"product_reference": "CSAFPID-0018",
"relates_to_product_reference": "CSAFPID-0003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC, EOS1300, M16G, 1TB, C7 all versions (CentOS)",
"product_id": "CSAFPID-0024"
},
"product_reference": "CSAFPID-0018",
"relates_to_product_reference": "CSAFPID-0004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC, EOS1300, M16G, 2TB, C7 all versions (CentOS)",
"product_id": "CSAFPID-0025"
},
"product_reference": "CSAFPID-0018",
"relates_to_product_reference": "CSAFPID-0005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC, MXE-5401,R0,2TB,SS-X all versions (RedHat)",
"product_id": "CSAFPID-0026"
},
"product_reference": "CSAFPID-0019",
"relates_to_product_reference": "CSAFPID-0006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC, MXE-5401,R0,2TB,UDS-X all versions (RedHat)",
"product_id": "CSAFPID-0027"
},
"product_reference": "CSAFPID-0019",
"relates_to_product_reference": "CSAFPID-0007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC, MXE-5321, SSXT, R0, 2TB all versions (RedHat)",
"product_id": "CSAFPID-0028"
},
"product_reference": "CSAFPID-0019",
"relates_to_product_reference": "CSAFPID-0008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC, MXE-5321, SSAT, R0, 2TB all versions (RedHat)",
"product_id": "CSAFPID-0029"
},
"product_reference": "CSAFPID-0019",
"relates_to_product_reference": "CSAFPID-0009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC, MXE-5321, UDS, R0, 2TB all versions (RedHat)",
"product_id": "CSAFPID-0030"
},
"product_reference": "CSAFPID-0019",
"relates_to_product_reference": "CSAFPID-0010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC, MXE-5401, SSAT, R0, 2TB all versions (RedHat)",
"product_id": "CSAFPID-0031"
},
"product_reference": "CSAFPID-0019",
"relates_to_product_reference": "CSAFPID-0011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC, MXE-5401, UDS, R0, 2TB all versions (RedHat)",
"product_id": "CSAFPID-0032"
},
"product_reference": "CSAFPID-0019",
"relates_to_product_reference": "CSAFPID-0012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC, MXE-5401, SSCT, R0, 2TB all versions (RedHat)",
"product_id": "CSAFPID-0033"
},
"product_reference": "CSAFPID-0019",
"relates_to_product_reference": "CSAFPID-0013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC, MXE-5401, SP, R0,2TB all versions (RedHat)",
"product_id": "CSAFPID-0034"
},
"product_reference": "CSAFPID-0019",
"relates_to_product_reference": "CSAFPID-0014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC-MXE 5401, CUSTOM, C6, 1TB all versions (CentOS)",
"product_id": "CSAFPID-0035"
},
"product_reference": "CSAFPID-0018",
"relates_to_product_reference": "CSAFPID-0015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK ERGO,DISP,KIT,C6X,CUSTOM all versions (CentOS)",
"product_id": "CSAFPID-0036"
},
"product_reference": "CSAFPID-0018",
"relates_to_product_reference": "CSAFPID-0016"
},
{
"category": "installed_on",
"full_product_name": {
"name": "SICK PC, K700-SE-MS4X, M16G, 1TB all versions (Ubuntu)",
"product_id": "CSAFPID-0037"
},
"product_reference": "CSAFPID-0020",
"relates_to_product_reference": "CSAFPID-0017"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4034",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-01-31T16:00:00.000Z",
"notes": [
{
"category": "description",
"text": "The current version of pkexec doesn\u0027t handle the calling parameters count correctly and ends trying to \nexecute environment variables as commands. An attacker can leverage this by crafting environment \nvariables in such a way it\u0027ll induce pkexec to execute arbitrary code. When successfully executed the \nattack can cause a local privilege escalation given unprivileged users administrative rights on the \ntarget machine."
}
],
"product_status": {
"fixed": [
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037"
]
},
"references": [
{
"summary": "Qualys Advisory",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-23T16:00:00.000Z",
"details": "Update to newest version",
"product_ids": [
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037"
]
},
{
"category": "mitigation",
"details": "- In case your SICK IPC for Analytics has been set up normally, without a \u201ckiosk\u201d mode:\n\n - Log in as the \\\u003croot\\\u003e user (credentials will be supplied separately).\n\n - Start the \\\u003cterminal\\\u003e app.\n\n - At the command prompt, enter the following command: \\\u003cchmod 0755 /usr/bin/pkexec\\\u003e\n\n - Log out from \\\u003croot\\\u003e\n\n- In case your SICK IPC for Analytics has been set up in \u201ckiosk\u201d mode:\n\n Note: In this below example, the OS is assumed to be CentOS 6.8 running a Gnome 2.28.2 GUI with SICK Package Analytics pre-installed and running on Kiosk mode.\n\n - These instructions start from the default kiosk-mode display of Package analytics.\n \n - Press \\\u003cCTRL+F4\\\u003e on the keyboard. This will bring up the desktop for the \\\u003cguest\\\u003e user.\n\n - Select the green \u201crunning man\u201d icon in the upper right.\n\n - Select \\\u003cLog Out\\\u003e in the dialog box.\n\n - In the ensuing dialog, press \\\u003cCancel\\\u003e. It\u2019s on a timer, so this step has to be done quickly.\n\n - This brings up a display that allows the user to log in to other accounts. Select \\\u003cother\\\u003e.\n\n - Enter \\\u003croot\\\u003e as the username.\n\n - Enter the root password. Note this will be provided in a separate email.\n\n - This brings up the root desktop. Click on the black terminal icon at the top of the display to bring up the command line prompt.\n\n - At the command line, enter the following command: \\\u003cchmod 0755 /usr/bin/pkexec\\\u003e\n\n - Click on the \\\u003cx\\\u003e in the upper right to close the terminal window.\n\n - As before click on the \u201crunning man\u201d icon at the top of the display to bring up the logout screen.\n \n - Select \\\u003cLog Out\\\u003e in the ensuing dialogue.\n\nThis completes the process. The system will automatically back in as the guest kiosk user.",
"product_ids": [
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037"
],
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001#mitigation"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033",
"CSAFPID-0034",
"CSAFPID-0035",
"CSAFPID-0036",
"CSAFPID-0037"
]
}
],
"title": "CVE-2021-4034 Out-of-bounds Write"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.