漏洞彻底修复方法之离线升级
下载rpm包。下载地址:(需挂代理,Ctrl+F搜索)
wget
rpm -Uvh polkit-0.112-26.el7_9.1.x86_64.rpm
rpm -aq | grep polkit #查看Polkit是否为安全版本
./cve-2021-4034-poc
#验证漏洞poc
[root@node03 src]# ls
cve-2021-4034-poc polkit-0.112-26.el7_9.1.x86_64.rpm sysinit.sh
[root@node03 src]# rpm -aq | grep polkit
polkit-pkla-compat-0.1-4.el7.x86_64
polkit-0.112-18.el7.x86_64
[root@node03 src]# rpm -Uvh polkit-0.112-26.el7_9.1.x86_64.rpm
Preparing...
################################# [100%]
Updating / installing...
1:polkit-0.112-26.el7_9.1
################################# [ 50%]
Cleaning up / removing...
2:polkit-0.112-18.el7
################################# [100%]
[root@node03 src]# rpm -aq | grep polkit
polkit-pkla-compat-0.1-4.el7.x86_64
polkit-0.112-26.el7_9.1.x86_64
[root@node03 src]# su - lianglab
Last login: Thu Jan 27 17:50:22 CST 2022 on pts/0
[lianglab@node03 <sub>]$ ls
[lianglab@node03 </sub>]$ cd /tmp/
[lianglab@node03 tmp]$ ./cve-2021-4034-poc
pkexec --version |
--help |
--disable-internal-agent |
[--user username] PROGRAM [ARGUMENTS...]
See the pkexec manual page for more details.
Report bugs to:
polkit home page: <>
[lianglab@node03 tmp]$
