{"id":8950,"date":"2022-02-02T11:02:35","date_gmt":"2022-02-02T10:02:35","guid":{"rendered":"https:\/\/clouding.io\/blog\/?p=8950"},"modified":"2022-03-29T13:41:21","modified_gmt":"2022-03-29T11:41:21","slug":"update-of-our-platform-against-the-pwnkit-linux-vulnerability","status":"publish","type":"post","link":"https:\/\/clouding.io\/blog\/en\/update-of-our-platform-against-the-pwnkit-linux-vulnerability\/","title":{"rendered":"Update of our platform against the Pwnkit Linux vulnerability"},"content":{"rendered":"\n<p>Since January 31st, all <strong>Linux images<\/strong> in the Clouding control panel have been <strong>updated against the recently detected Linux Pwnkit vulnerability.<\/strong> Therefore, this vulnerability does not affect users who choose these distros to create their cloud servers in Clouding.<\/p>\n\n\n\n<p>Last week, <a href=\"https:\/\/blog.qualys.com\/vulnerabilities-threat-research\/2022\/01\/25\/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034\" target=\"_blank\" rel=\"noreferrer noopener\">Qualys researchers discovered a Linux vulnerability<\/a> that affects most Linux distros. The vulnerability has been registered as CVE-2021-4034 and has been named Pwnkit. It allows an unprivileged user to gain root access on the affected host. It is a <strong>memory corruption bug in Polkit,<\/strong> a component that controls system-wide privileges on most Linux distros. This component includes <strong>pkexec,<\/strong> a tool that lets a user who lacks the necessary permissions execute commands as another user, with maximum privileges.<\/p>\n\n\n\n<p>According to the researchers, this bug originated <strong>more than twelve years ago<\/strong> and appears to date from the initial commit of pkexec. 
Therefore, all versions of Polkit are affected.<\/p>\n\n\n\n<p>So that this vulnerability does not affect our users, <strong>at Clouding we&#8217;ve now applied the patches recommended by the Polkit authors<\/strong> to all the <a href=\"https:\/\/help.clouding.io\/hc\/en-us\/articles\/360010189200-Linux-Images\">preinstalled Linux images<\/a> in our control panel.<\/p>\n\n\n\n<p>If you already have a server, we recommend that you update all its packages to fix this vulnerability. In the case of web\/DB\/email servers, it&#8217;s very difficult to exploit this vulnerability, since it requires SSH access or access to the server as a user. If your operating system is EOL or close to end of life, a workaround is to restrict pkexec to the root user by removing its SUID bit, for example by running chmod 0755 \/usr\/bin\/pkexec.<\/p>\n\n\n\n<p>If you have any questions about this issue, our <a href=\"https:\/\/clouding.io\/en\/support#\">Support team<\/a> will be able to answer them and help you with whatever you need. E-mail us at <a href=\"mailto:support@clouding.io\">support@clouding.io<\/a> or call us; we&#8217;ll be happy to assist you.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Since January 31st, all Linux images in the Clouding control panel have been updated against the recently detected Linux Pwnkit vulnerability. 
<\/p>\n","protected":false},"author":2,"featured_media":8817,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[88,24,3,386,1],"tags":[],"yst_prominent_words":[5162,5157,1251,5711,5713,1564,5637,772,965,5705,5712,1458,5709,4801,5715,5704,601,5778,5714,1568],"class_list":["post-8950","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-actualidad","category-clouding-io","category-uncategorized-ca","category-sistemas-operativos-en","category-uncategorized"],"acf":[],"_links":{"self":[{"href":"https:\/\/clouding.io\/blog\/en\/wp-json\/wp\/v2\/posts\/8950","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/clouding.io\/blog\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/clouding.io\/blog\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/clouding.io\/blog\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/clouding.io\/blog\/en\/wp-json\/wp\/v2\/comments?post=8950"}],"version-history":[{"count":4,"href":"https:\/\/clouding.io\/blog\/en\/wp-json\/wp\/v2\/posts\/8950\/revisions"}],"predecessor-version":[{"id":9000,"href":"https:\/\/clouding.io\/blog\/en\/wp-json\/wp\/v2\/posts\/8950\/revisions\/9000"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/clouding.io\/blog\/en\/wp-json\/wp\/v2\/media\/8817"}],"wp:attachment":[{"href":"https:\/\/clouding.io\/blog\/en\/wp-json\/wp\/v2\/media?parent=8950"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/clouding.io\/blog\/en\/wp-json\/wp\/v2\/categories?post=8950"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/clouding.io\/blog\/en\/wp-json\/wp\/v2\/tags?post=8950"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https:\/\/clouding.io\/blog\/en\/wp-json\/wp\/v2\/yst_prominent_words?post=8950"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\
/{rel}","templated":true}]}}