Fix CVE-2021-3560

2021-06-15 11:34:39 +08:00 · 2021-06-15 11:34:39 +08:00 · 72577fdeb0
commit 72577fdeb0
parent 9b5ed8f464
2 changed files with 33 additions and 2 deletions
--- a/backport-CVE-2021-3560.patch
+++ b/backport-CVE-2021-3560.patch
@ -0,0 +1,27 @@
+From a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81 Mon Sep 17 00:00:00 2001
+From: Jan Rybar <jrybar@redhat.com>
+Date: Wed, 2 Jun 2021 15:43:38 +0200
+Subject: [PATCH] GHSL-2021-074: authentication bypass vulnerability in polkit
+
+initial values returned if error caught
+---
+ src/polkit/polkitsystembusname.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/polkit/polkitsystembusname.c b/src/polkit/polkitsystembusname.c
+index 8daa12c..8ed1363 100644
+--- a/src/polkit/polkitsystembusname.c
+++ b/src/polkit/polkitsystembusname.c
+@@ -435,6 +435,9 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName           *system_bus
+   while (!((data.retrieved_uid && data.retrieved_pid) || data.caught_error))
+     g_main_context_iteration (tmp_context, TRUE);
+ 
+  if (data.caught_error)
+    goto out;
+
+   if (out_uid)
+     *out_uid = data.uid;
+   if (out_pid)
+-- 
+GitLab
+
--- a/polkit.spec
+++ b/polkit.spec
@ -1,6 +1,6 @@
 Name:             polkit
 Version:          0.116
-Release:          6
+Release:          7
 Summary:          Define and Handle authorizations tool
 License:          LGPLv2+ and Apache 2.0
 URL:              http://www.freedesktop.org/wiki/Software/polkit
@ -8,7 +8,8 @@ Source0:          http://www.freedesktop.org/software/polkit/releases/%{name}-%{
 Source1:          http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz.sign
 Source2:          10-shutdown.rules

-Patch9000:        modify-admin-authorization-from-wheel-group-to-root.patch
+Patch0:           modify-admin-authorization-from-wheel-group-to-root.patch
+Patch1:           backport-CVE-2021-3560.patch

 BuildRequires:    gcc-c++ glib2-devel >= 2.30.0 expat-devel pam-devel gtk-doc intltool
 BuildRequires:    gobject-introspection-devel systemd systemd-devel pkgconfig(mozjs-60)
@ -127,6 +128,9 @@ exit 0
 %{_datadir}/man/man8/*

 %changelog
+* Tue Jun 15 2021 panxiaohe <panxiaohe@huawei.com> - 0.116-7
+- Fix CVE-2021-3560
+
 * Tue Feb 9 2021 Steven Y.Gui <steven_ygui@163.com> - 0.116-6
 - Rebuild with new version number