{"id":8955,"date":"2022-02-02T11:13:11","date_gmt":"2022-02-02T10:13:11","guid":{"rendered":"https:\/\/clouding.io\/blog\/?p=8955"},"modified":"2022-03-30T10:57:56","modified_gmt":"2022-03-30T08:57:56","slug":"actualitzem-nostra-plataforma-contra-vulnerabilitat-pwnkit-linux","status":"publish","type":"post","link":"https:\/\/clouding.io\/blog\/ca\/actualitzem-nostra-plataforma-contra-vulnerabilitat-pwnkit-linux\/","title":{"rendered":"Actualitzem la nostra plataforma contra la vulnerabilitat Pwnkit de Linux"},"content":{"rendered":"\n<p>Des del passat 31 de gener totes les <strong>imatges Linux<\/strong> que es troben en el panell de client de&nbsp;Clouding&nbsp;estan <strong>actualitzades contra la vulnerabilitat&nbsp;Pwnkit&nbsp;de Linux<\/strong>, detectada recentment. Per tant, aquesta vulnerabilitat no afecta als usuaris que tri\u00efn aquestes distribucions per a crear els seus servidors&nbsp;cloud&nbsp;en&nbsp;Clouding.<\/p>\n\n\n\n<p>La setmana passada,<a href=\"https:\/\/blog.qualys.com\/vulnerabilities-threat-research\/2022\/01\/25\/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034\" target=\"_blank\" rel=\"noreferrer noopener\"> investigadors de&nbsp;Qualys&nbsp;van descobrir una vulnerabilitat en Linux<\/a> que afecta la majoria de les seves distribucions. La vulnerabilitat es va registrar com&nbsp;CVE-2021-4034&nbsp;i va ser denominada&nbsp;Pwnkit; i permet a un usuari sense permisos tenir acc\u00e9s&nbsp;root&nbsp;en un&nbsp;host&nbsp;ali\u00e8. Consisteix en una<strong> fallada de corrupci\u00f3 en&nbsp;Polkit<\/strong>, un component que controla tots els privilegis del sistema de la majoria de distribucions Linux. Aquest component incorpora&nbsp;<strong>pkexec<\/strong>, un element que dona permisos a un usuari que no els t\u00e9 per a executar comandos igual que si fos un altre usuari i amb privilegis m\u00e0xims.<\/p>\n\n\n\n<p>Segons els investigadors, es tracta d&#8217;una fallada originada <strong>fa m\u00e9s de dotze anys<\/strong> i sembla que prov\u00e9 del&nbsp;commit&nbsp;inicial de&nbsp;pxekec. Per tant, totes les versions de&nbsp;Polkit&nbsp;estan afectades.<\/p>\n\n\n\n<p>Perqu\u00e8 aquesta vulnerabilitat no afecti els nostres usuaris, <strong>en&nbsp;Clouding&nbsp;ja hem aplicat les solucions provisionals recomanats pels autors de&nbsp;Polkit<\/strong>&nbsp;per a totes les <a href=\"https:\/\/help.clouding.io\/hc\/ca\/articles\/360010189200-Imatges-de-Linux\">imatges preinstal\u00b7lades Linux<\/a> del nostre panell de client.<\/p>\n\n\n\n<p>Si ja tenies un servidor creat la nostra recomanaci\u00f3 \u00e9s que actualitzis tots els paquets per a solucionar aquesta vulnerabilitat. En cas de servidors web\/BD\/email&nbsp;\u00e9s molt dif\u00edcil d&#8217;explotar aquesta vulnerabilitat ja que requereix d&#8217;acc\u00e9s&nbsp;SSH&nbsp;o acc\u00e9s al servidor com a usuari. Si el teu sistema operatiu aquesta&nbsp;EOL, pr\u00f2xim a la seva fi de vida \u00fatil, una soluci\u00f3 \u00e9s permetre nom\u00e9s&nbsp;pkexec&nbsp;a l&#8217;usuari&nbsp;root, per exemple aplicar&nbsp;chmod&nbsp;0755 \/usr\/*bin\/*pkexec.<\/p>\n\n\n\n<p>Si et queda algun dubte sobre aquesta q\u00fcesti\u00f3, el nostre <a href=\"https:\/\/clouding.io\/ca\/suport#\">equip de Suport<\/a> podr\u00e0 resoldre-te-la i ajudar-te en el que necessitis. Escriu-nos a <a href=\"mailto:suport@clouding.io\">suport@clouding.io<\/a> o truca&#8217;ns, estarem encantats d&#8217;atendre&#8217;t.<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Totes les imatges Linux que es troben en el panell de client de Clouding estan actualitzades contra la vulnerabilitat Pwnkit de Linux.<\/p>\n","protected":false},"author":2,"featured_media":8818,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[88,24,3],"tags":[90,5727],"yst_prominent_words":[1416,5716,5725,583,5723,1425,1803,5726,5724,965,1640,5717,1403,5718,5397,5398,5722,5719,5721,5720],"class_list":["post-8955","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-actualidad","category-clouding-io","category-uncategorized-ca","tag-linux","tag-pwnkit"],"acf":[],"_links":{"self":[{"href":"https:\/\/clouding.io\/blog\/ca\/wp-json\/wp\/v2\/posts\/8955","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/clouding.io\/blog\/ca\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/clouding.io\/blog\/ca\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/clouding.io\/blog\/ca\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/clouding.io\/blog\/ca\/wp-json\/wp\/v2\/comments?post=8955"}],"version-history":[{"count":4,"href":"https:\/\/clouding.io\/blog\/ca\/wp-json\/wp\/v2\/posts\/8955\/revisions"}],"predecessor-version":[{"id":9004,"href":"https:\/\/clouding.io\/blog\/ca\/wp-json\/wp\/v2\/posts\/8955\/revisions\/9004"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/clouding.io\/blog\/ca\/wp-json\/wp\/v2\/media\/8818"}],"wp:attachment":[{"href":"https:\/\/clouding.io\/blog\/ca\/wp-json\/wp\/v2\/media?parent=8955"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/clouding.io\/blog\/ca\/wp-json\/wp\/v2\/categories?post=8955"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/clouding.io\/blog\/ca\/wp-json\/wp\/v2\/tags?post=8955"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https:\/\/clouding.io\/blog\/ca\/wp-json\/wp\/v2\/yst_prominent_words?post=8955"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}