What is the severity of RHSA-2021:2236?

The severity of RHSA-2021:2236 is classified as important due to the potential for local privilege escalation.

How do I fix RHSA-2021:2236?

To fix RHSA-2021:2236, update the polkit package to version 0.115-9.el8_1.1 or later.

Which packages are affected by RHSA-2021:2236?

The affected packages include polkit, polkit-debuginfo, polkit-debugsource, polkit-devel, and polkit-libs among others.

What vulnerability does RHSA-2021:2236 address?

RHSA-2021:2236 addresses a local privilege escalation vulnerability in the polkit component.

Is there a way to verify if RHSA-2021:2236 is applied?

You can verify if the patch for RHSA-2021:2236 is applied by checking the version of the installed polkit package on your system.

Vulnerability/
RHSA-2021:2236

3/6/2021

20/6/2024

RHSA-2021:2236: Important: polkit security update

First published: Thu Jun 03 2021(Updated: )

The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.<br>Security Fix(es):<br><li> polkit: local privilege escalation using polkit_system_bus_name_get_creds_sync() (CVE-2021-3560)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software	Affected Version	How to fix
redhat/polkit	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-debuginfo	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-debuginfo	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-debugsource	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-debugsource	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-devel	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-devel	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-docs	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-libs	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-libs	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-libs-debuginfo	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-libs-debuginfo	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-debuginfo	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-debugsource	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-devel	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-libs	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit-libs-debuginfo	<0.115-9.el8_1.1	0.115-9.el8_1.1
redhat/polkit	<0.115-9.el8_1.1.aa	0.115-9.el8_1.1.aa
redhat/polkit-debuginfo	<0.115-9.el8_1.1.aa	0.115-9.el8_1.1.aa
redhat/polkit-debugsource	<0.115-9.el8_1.1.aa	0.115-9.el8_1.1.aa
redhat/polkit-devel	<0.115-9.el8_1.1.aa	0.115-9.el8_1.1.aa
redhat/polkit-libs	<0.115-9.el8_1.1.aa	0.115-9.el8_1.1.aa
redhat/polkit-libs-debuginfo	<0.115-9.el8_1.1.aa	0.115-9.el8_1.1.aa

Never miss a vulnerability like this again

Reference Links

https://access.redhat.com/errata/RHSA-2021:2236 (Advisory)

Frequently Asked Questions

What is the severity of RHSA-2021:2236?
The severity of RHSA-2021:2236 is classified as important due to the potential for local privilege escalation.
How do I fix RHSA-2021:2236?
To fix RHSA-2021:2236, update the polkit package to version 0.115-9.el8_1.1 or later.
Which packages are affected by RHSA-2021:2236?
The affected packages include polkit, polkit-debuginfo, polkit-debugsource, polkit-devel, and polkit-libs among others.
What vulnerability does RHSA-2021:2236 address?
RHSA-2021:2236 addresses a local privilege escalation vulnerability in the polkit component.
Is there a way to verify if RHSA-2021:2236 is applied?
You can verify if the patch for RHSA-2021:2236 is applied by checking the version of the installed polkit package on your system.

agent/severity
agent/type
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/title
agent/description
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2021:2236
agent/software-canonical-lookup
agent/references
agent/remedy
agent/tags
agent/event
agent/source
package-manager/redhat

Frequently Asked Questions

What is the severity of RHSA-2021:2236?
The severity of RHSA-2021:2236 is classified as important due to the potential for local privilege escalation.
How do I fix RHSA-2021:2236?
To fix RHSA-2021:2236, update the polkit package to version 0.115-9.el8_1.1 or later.
Which packages are affected by RHSA-2021:2236?
The affected packages include polkit, polkit-debuginfo, polkit-debugsource, polkit-devel, and polkit-libs among others.
What vulnerability does RHSA-2021:2236 address?
RHSA-2021:2236 addresses a local privilege escalation vulnerability in the polkit component.
Is there a way to verify if RHSA-2021:2236 is applied?
You can verify if the patch for RHSA-2021:2236 is applied by checking the version of the installed polkit package on your system.

RHSA-2021:2236: Important: polkit security update

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2021:2236?

How do I fix RHSA-2021:2236?

Which packages are affected by RHSA-2021:2236?

What vulnerability does RHSA-2021:2236 address?

Is there a way to verify if RHSA-2021:2236 is applied?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of RHSA-2021:2236?

How do I fix RHSA-2021:2236?

Which packages are affected by RHSA-2021:2236?

What vulnerability does RHSA-2021:2236 address?

Is there a way to verify if RHSA-2021:2236 is applied?