Patch release notes 2110b
Vyatta NOS patch release notes 2110b.
Released January 27, 2022
Security vulnerabilities resolved
Security vulnerabilities resolved in 2110b.
Issue number | CVSS score | Advisory | Summary |
---|---|---|---|
VRVDR-56909 | 7.8 | N/A | CVE-2021-4034: policykit-1 security update |
This patch addresses a local privilege escalation discovered by the Qualys Research Labs. This vulnerability alone is not exploitable via admin or operator level accounts if system user-isolation is enabled. The user-isolation would have to be bypassed first for successful exploitation. Customers are still advised to apply this provided update, even with user-isolation enabled.