源地址:
https://access.redhat.com/security/vulnerabilities/RHSB-2022-001
redhat 有附帶的jiaoben 可以檢測自己當前的版本是否受影響:
綠色的是檢測腳本,藍色的是緩解腳本
下載運行:
wget https://access.redhat.com/sites/default/files/cve-2021-4034--2022-01-25-0936.sh
This script (v1.0) is primarily designed to detect CVE-2021-4034 on supported Red Hat Enterprise Linux systems and kernel packages. Result may be inaccurate for other RPM based systems. Detected 'polkit' package: polkit-0.112-26.el7.x86_64 This polkit version is vulnerable. Follow https://access.redhat.com/security/vulnerabilities/RHSB-2022-001 for advice.
所以更新即可:
yum update polkit -y
然后再次運行腳本檢測:
bash cve-2021-4034--2022-01-25-0936.sh
提示正常,然后就ok了
注意:mitigate是緩解的意思,是不得已的方法