Patch release notes 1912t
Release notes for Vyatta NOS 1912t, released January 27, 2022.
Security vulnerabilities resolved
Security vulnerabilities resolved in release 1912t.
Issue number | CVSS | Advisory | Summary |
---|---|---|---|
VRVDR-56909 | 7.8 | N/A | CVE-2021-4034: policykit-1 security update |
This patch addresses a local privilege escalation discovered by the Qualys Research Labs. This vulnerability alone is not exploitable via admin or operator level accounts if system user-isolation is enabled. The user-isolation would have to be bypassed first for successful exploitation. Customers are still advised to apply this provided update, even with user-isolation enabled.