Linux Polkit 漏洞修复
源地址:
https://access.redhat.com/security/vulnerabilities/RHSB-2022-001
redhat 有附带的jiaoben 可以检测自己当前的版本是否受影响:
绿色的是检测脚本,蓝色的是缓解脚本
下载运行:
wget https://access.redhat.com/sites/default/files/cve-2021-4034--2022-01-25-0936.sh
This script (v1.0) is primarily designed to detect CVE-2021-4034 on supported Red Hat Enterprise Linux systems and kernel packages. Result may be inaccurate for other RPM based systems. Detected 'polkit' package: polkit-0.112-26.el7.x86_64 This polkit version is vulnerable. Follow https://access.redhat.com/security/vulnerabilities/RHSB-2022-001 for advice.
所以更新即可:
yum update polkit -y
然后再次运行脚本检测:
bash cve-2021-4034--2022-01-25-0936.sh
提示正常,然后就ok了
注意:mitigate是缓解的意思,是不得已的方法