CVE-2021-4034 — Red Hat Polkit Out-of-Bounds Read and Write Vulnerability
2022-06-27 • CISA Known Exploited Vulnerability
[event] The Red Hat polkit pkexec utility contains an out-of-bounds read and write vulnerability that allows for privilege escalation with administrative rights.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Red Hat |
| Product | Polkit |
| CWE | CWE-787 |
| CVE ID | CVE-2021-4034 |
| Date Added | 2022-06-27 |
| Due Date | 2022-07-18 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-07-18