Linux Polkit 漏洞修复

源地址:

https://access.redhat.com/security/vulnerabilities/RHSB-2022-001

redhat 有附带的jiaoben 可以检测自己当前的版本是否受影响:

 

绿色的是检测脚本,蓝色的是缓解脚本

 

下载运行:

wget https://access.redhat.com/sites/default/files/cve-2021-4034--2022-01-25-0936.sh

 

This script (v1.0) is primarily designed to detect CVE-2021-4034 on supported
Red Hat Enterprise Linux systems and kernel packages.
Result may be inaccurate for other RPM based systems.

Detected 'polkit' package: polkit-0.112-26.el7.x86_64
This polkit version is vulnerable.
Follow https://access.redhat.com/security/vulnerabilities/RHSB-2022-001 for advice.

 

 所以更新即可:

yum update polkit -y

然后再次运行脚本检测:

bash cve-2021-4034--2022-01-25-0936.sh

提示正常,然后就ok了

 

注意:mitigate是缓解的意思,是不得已的方法

 

posted @ 2022-01-29 10:27  千家诗  阅读(1091)  评论(1编辑  收藏  举报