Is AWS Linux / Linux 2 vulnerable to CVE-2021-4034?

I noticed that our AWS Linux installations do not have 'pkexec', does it mean that they are not vulnerable? if it is anyway (e.g. pkexec could have been renamed).. appreciate mitigation procedures. thanks

主題

運算

標籤

Amazon EC2

語言

English

Json

已提問 2 年前檢視次數 577 次

1 個回答

最新
最多得票
最多評論

I have not been able to confirm the use of pkexec in Amazon Linux AMIs.

But here is a mitigation: A temporary mitigation for operating systems that have yet to push a patch is to strip pkexec of the read/write rights with the following command: chmod 0755 /usr/bin/pkexec

Source: https://www.bleepingcomputer.com/news/security/linux-system-service-bug-gives-root-on-all-major-distros-exploit-released/

sharpedgewv

已回答 2 年前

Is AWS Linux / Linux 2 vulnerable to CVE-2021-4034?

相關內容