From nobody Wed Jan 26 23:05:03 2022 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id E8FBB198F254; Wed, 26 Jan 2022 23:05:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JkfSb5tq2z3P5W; Wed, 26 Jan 2022 23:05:03 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643238303; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/wHO1zR9IZeZYeM97PfHA6x8lLEPTRZXW+WtrkETzs4=; b=n9NzbP8M2dPk4poObK8asZozYlvwOuAscL5dgqJazrlGxLaZD8b6KJoFp7It2nscpa5Cnv x4/ZjyqQEVyGFLXpzYUF0fGwVDuZ29lVrc3OeiIxgZ1ussrmZ2U2uZYfNT8hI4OvI53+TJ YQD58xFUE+UUPMmFI8271yFCSLzjYvMtDwSSm9PuPoT2pCCZhHNvWU4DE3t6JzBp3kkNLm dXy+napaEY+k/7f8fheg15iSmdFSGSRnwmtS3v0S+l1Dh5twXm6hIZ5U8KpSFNqB4Ulm3c VH/ka7Gx9YNlo58YY9j8VrJZtJ9OpNscOC3H06GD9CQ+B8L7VKIlF4hVP6Nq0Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id AA70D37A9; Wed, 26 Jan 2022 23:05:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 20QN53c5008622; Wed, 26 Jan 2022 23:05:03 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 20QN537s008621; Wed, 26 Jan 2022 23:05:03 GMT (envelope-from git) Date: Wed, 26 Jan 2022 23:05:03 GMT Message-Id: <202201262305.20QN537s008621@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Adriaan de Groot Subject: git: 7e3378fc941d - main - security/vuxml: notify polkit local-privilege-escalation List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: adridg X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 7e3378fc941d3710b4d864e3fffa0c78004b0632 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643238303; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/wHO1zR9IZeZYeM97PfHA6x8lLEPTRZXW+WtrkETzs4=; b=Sc91XuNiJLjxABsB0mOJ734EAglbLscpGWgJE96Nu7cM6Edg8v49fvXrjayTOC86hKwUqi QPAq1j9c+bS9P146yW56wieKbanKCt6fHUbCWR74jfMLE9sMgvm+Y81nVNA7tAFtayHRMJ Eg2yY9d1eSgJW8pMEu+OTHOM1khrUoqEPUidQbNy6qNpU1ABYg0Ow8wIMFLXyWheQiF2Oh n+XOsEHWWULjg0VpN2tvOdFSEE6rEL7u88SCxXXwRQJqxl8TW3SORfUGLTxSZ7W8giXaf+ NtXZI9Wzr22YBc5hiBHPY8Q0+VGnjsmoTkw+E/AGPBG/9/GNyL6a32ZeVYvmGw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1643238303; a=rsa-sha256; cv=none; b=gEaozFJwYplnbmTolIkCHan+Z/AhdARPyQqN6GqLyFBLme9QgoSU9Z7CIBvFBoxU/Y460B mZSbSoeXYYM+naoBFAxp9+Y96q82HpVDivXQc01+fo8Bu5N3i2RfImFuDh4pGh3ltJyVI0 RQIHpbRcOlo3QBK74R8a63ju3xs94qY87wL1Gc1N/72XQKgWX0BgaM9vnOBP12jgjWh9js GakQZtgR1n0C2MNOqpi3EC4SP5WrBEzdF+fnzI5BjbH82k0aNvbYc7I0xcKqB1TIEk/VOX s0ZJ5ov00vRqzF9TuyWTVU/XymKNxi70lMnAGzm3zQfESINYXtKQFAFP/jSUCQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by adridg: URL: https://cgit.FreeBSD.org/ports/commit/?id=7e3378fc941d3710b4d864e3fffa0c78004b0632 commit 7e3378fc941d3710b4d864e3fffa0c78004b0632 Author: Adriaan de Groot AuthorDate: 2022-01-26 23:02:41 +0000 Commit: Adriaan de Groot CommitDate: 2022-01-26 23:05:01 +0000 security/vuxml: notify polkit local-privilege-escalation It was unclear if the actual explot would work on FreeBSD, since there's no GNU libc which the payload would work on. The following changes are / have been applied: - fix in polkit from upstream (from Greg V) - at kernel level, fixes to disallow argc==0 (from kevans, I think) PR: 261482 --- security/vuxml/vuln-2022.xml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml index f0f0d7dd6ca9..7d27bd6cc453 100644 --- a/security/vuxml/vuln-2022.xml +++ b/security/vuxml/vuln-2022.xml @@ -1,3 +1,32 @@ + + polkit -- Local Privilege Escalation + + + polkit + 0.120_1 + + + + +

Qualys reports:

+
+

We discovered a Local Privilege Escalation (from any user to root) in +polkit's pkexec, a SUID-root program that is installed by default on +every major Linux distribution.

+
+ + + + CVE-2021-4034 + https://seclists.org/oss-sec/2022/q1/80 + ports/261482 + + + 2022-01-25 + 2022-01-26 + + + strongswan - Incorrect Handling of Early EAP-Success Messages