PwnKit (polkit’s pkexec exploit) – CVE-2021-4034

The update fixing the issue for Mageia 8 was released Wed, 26 Jan 2022 10:31 UTC (05:31 EST).

For anyone still running Mageia 7 (or older releases), the recommendation is …

As root run “chmod 0755 /usr/bin/pkexec”.
That will mean pkexec doesn’t work anymore. Running things like rpmdrake as a
regular user will not work. You must use an alternative approach to get root
privileges (open a terminal, use “su -” and then run rpmdrake or use sudo rpmdrake
if you’ve configured sudo).

This entry was posted in Mageia, QA, security, Updates. Bookmark the permalink.

Curious about Mageia? Download it, give it a try and tell us how you feel about it.

Want to bring something to it? Learn how you can contribute and donate.

One Response to PwnKit (polkit’s pkexec exploit) – CVE-2021-4034

  1. Pingback: PwnKit (vulnerabilidad en pkexec) – CVE-2021-4034 | Mageia Blog (Español)