From bd3256cf4f7a651e234403977fa29d4dfde255b8 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 25 Jan 2022 19:57:24 +0100 Subject: [PATCH] polkit: fix local priviledge escalation in pkexec > We discovered a Local Privilege Escalation (from any user to root) in > polkit's pkexec, a SUID-root program that is installed by default on > every major Linux distribution https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt Fixes: CVE-2021-4034 --- pkgs/development/libraries/polkit/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/pkgs/development/libraries/polkit/default.nix b/pkgs/development/libraries/polkit/default.nix index dcc077e3dd8d..3a3199cbd7a9 100644 --- a/pkgs/development/libraries/polkit/default.nix +++ b/pkgs/development/libraries/polkit/default.nix @@ -60,6 +60,11 @@ stdenv.mkDerivation rec { url = "https://gitlab.freedesktop.org/polkit/polkit/-/commit/7ba07551dfcd4ef9a87b8f0d9eb8b91fabcb41b3.patch"; sha256 = "ebbLILncq1hAZTBMsLm+vDGw6j0iQ0crGyhzyLZQgKA="; }) + # pkexec: local privilege escalation (CVE-2021-4034) + (fetchpatch { + url = "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683.patch"; + sha256 = "162jkpg2myq0rb0s5k3nfr4pqwv9im13jf6vzj8p5l39nazg5i4s"; + }) ] ++ lib.optionals stdenv.hostPlatform.isMusl [ # Make netgroup support optional (musl does not have it) # Upstream MR: https://gitlab.freedesktop.org/polkit/polkit/merge_requests/10