CVE-2021-3560

Published: Feb 16, 2022Modified: Nov 6, 2025CISA KEV

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Affected (6)

Products: Polkit Project: Polkit · Debian: Debian Linux · Canonical: Ubuntu Linux · +1 more

Show all products

Polkit Project: Polkit · Debian: Debian Linux · Canonical: Ubuntu Linux · Redhat: Virtualization, Virtualization Host, Openshift Container Platform

1 product

1 product

1 product

3 products

Virtualization Host

Openshift Container Platform

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Polkit Project Polkit	Before 0.119

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 11.0

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 20.04

Configuration D

2 vulnerable

Vulnerable Software	Affected Versions
Redhat Virtualization	Version 4.0
Redhat Virtualization Host	Version 4.0

Configuration E

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Redhat Openshift Container Platform	Version 4.7

Running on/with	Platform Versions
Redhat Enterprise Linux	Version 7.0
Redhat Enterprise Linux	Version 8.0

Related CWEs

Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (9)

http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/172846/Facebook-Fizz-Denial-Of-Service.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1961710

Source: secalert@redhat.com

Issue TrackingPatchVendor Advisory

https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/

Source: secalert@redhat.com

ExploitThird Party Advisory

http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/172846/Facebook-Fizz-Denial-Of-Service.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1961710

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchVendor Advisory

https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-3560

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

US Government Resource

Timeline

No history available yet.