I have been looking at the security notices for CVE-2021-4034. When I run an update I don't see a fix listed for this CVE but I see the fix is out for mainline ubuntu on another machine. How do I make sure I got the fix and it's applied?
1 Like
Visit
It is fixed.
I understand that but I how can I check that I have the fix applied?
If unsure run sudo apt-get update && sudo apt-get upgrade
followed by apt-get changelog policykit-1 | grep CVE-2021-4034 -A5 -B5
to get something like shown below:
$ apt-get changelog policykit-1 | grep CVE-2021-4034 -A5 -B5 Get:1 https://changelogs.ubuntu.com policykit-1 0.105-20ubuntu0.18.04.6 Changelog [31,8 kB] policykit-1 (0.105-20ubuntu0.18.04.6) bionic-security; urgency=medium * SECURITY UPDATE: Local Privilege Escalation in pkexec - debian/patches/CVE-2021-4034.patch: properly handle command-line arguments in src/programs/pkcheck.c, src/programs/pkexec.c. - CVE-2021-4034 -- Marc Deslauriers <[email protected]> Wed, 12 Jan 2022 07:34:00 -0500 policykit-1 (0.105-20ubuntu0.18.04.5) bionic-security; urgency=medium
3 Likes