CVE-2021-4034 (polkit vulnerability) Guidance for DataCore Swarm

This KB outlines customer guidance for necessary remediation of reported vulnerabilities with the Linux polkit package:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034

DataCore FileFly

Linux is not a supported operating system, no remediation required.

Swarm Gateway

Supported operating systems are Red Hat (RHEL) 7 and CentOS 7. New packages are available for polkit update per vendor guidance, details are available at:

Apply the necessary polkit update as needed in all Swarm Gateway systems.

Swarm Search / Elasticsearch

Apply polkit updates per vendor guidance, as outlined for Swarm Gateway above.

Swarm Storage

Swarm Storage does not ship runtime images with the polkit package installed in any Swarm version. No update is required.

Workaround if Packages Aren’t Available

If packages are not available from your Linux OS vendor, the recommended workaround is to remove the SUID bit from pkexec (usually present as /usr/bin/pkexec on systems where polkit is installed). This can be done with the following operation:

chmod 0755 /usr/bin/pkexec

 

© DataCore Software Corporation. · https://www.datacore.com · All rights reserved.