PatchSiren cyber security CVE debrief

CVE-2021-3560 Red Hat CVE debrief

CVE-2021-3560 is a Red Hat Polkit incorrect authorization vulnerability that CISA lists in its Known Exploited Vulnerabilities catalog. Because it is marked as known exploited, organizations should treat remediation as urgent and follow vendor update guidance as soon as possible.

Vendor: Red Hat
Product: Polkit
CVSS: Unknown
CISA KEV: Listed
Original CVE published: 2023-05-12
Original CVE updated: 2023-05-12
Advisory published: 2023-05-12
Advisory updated: 2023-05-12

Who should care

Red Hat administrators, Linux platform owners, endpoint and server patching teams, vulnerability management teams, and security operations teams responsible for systems that use Polkit.

Technical summary

The supplied corpus identifies the issue only as a Polkit incorrect authorization vulnerability affecting Red Hat. CISA has added it to the Known Exploited Vulnerabilities catalog, which indicates confirmed exploitation risk and makes timely patching the main defensive priority.

Defensive priority

High. CISA KEV inclusion means this issue should be prioritized ahead of non-exploited vulnerabilities, with remediation tracked against the KEV due date of 2023-06-02 in the supplied timeline.

Recommended defensive actions

  • Apply updates per vendor instructions as soon as possible.
  • Inventory systems that use Red Hat Polkit so affected assets can be prioritized.
  • Validate remediation status across servers, endpoints, and any golden images or templates that include the product.
  • If immediate patching is not possible, use compensating controls and track the exception until updates are deployed.
  • Confirm completion before the CISA KEV due date shown in the supplied timeline.

Evidence notes

This debrief is limited to the supplied corpus and official links. The strongest evidence is the CISA KEV entry, which names the vulnerability as 'Red Hat Polkit Incorrect Authorization Vulnerability' and instructs organizations to apply updates per vendor instructions. The supplied source item also references the official CVE record and NVD detail page.

Official resources

Public tracking dates in the supplied corpus show the CVE record, source item, and KEV entry dated 2023-05-12, with a KEV due date of 2023-06-02. No separate vendor disclosure date is provided in the supplied material.