CVE-2021-4034 icon indicating copy to clipboard operation
CVE-2021-4034 copied to clipboard

Published 20 hours ago verified publisher icon PwnFunction

Not sure whether exploit has been patched

Open cosinekitty opened this issue 2 years ago • 2 comments

Very interesting video explanation. Thank you! I tried running this on my local Debian system and got this:

$ ./pwnkit
pkexec --version |
       --help |
       --disable-internal-agent |
       [--user username] PROGRAM [ARGUMENTS...]

See the pkexec manual page for more details.
$

So apparently it did not escalate me to root. But I don't think I updated recently enough to be protected. If this is of interest, I can provide more info.

cosinekitty avatar May 05 '22 20:05 cosinekitty

@cosinekitty The prior DSA (Debian Security Announce) is listed. See https://security-tracker.debian.org/tracker/CVE-2021-4034

Use apt-cache policy policykit-1 to see where debs are fetched from and what versions apply.

supaplextor avatar Sep 27 '22 14:09 supaplextor

I tried running this using your docker container and I got the same error.

omit66 avatar Dec 20 '22 19:12 omit66