devsecops

Mitigate CVE-2021-4034 on RHEL with Ansible Playbook

January 27, 2022
Posted by Luca Berton
ansible, polkit, PWNKIT, module, linux, security, devsecops, RHEL, CentOS, Fedora, Ubuntu, Debian, SUSE

What is Polkit Privilege Escalation - (CVE-2021–4034)? “A memory corruption vulnerability in Polkit’s pkexec, witch allows any unprivileged user to gain full root privilege on a vulnerable system using default polkit configuration” cit.

Ansible code in RHSB-2021-009 Log4Shell - Remote Code Execution - log4j (CVE-2021-44228)

January 12, 2022
Posted by Luca Berton
ansible, log4j, log4shell, module, linux, security, devsecops, RHEL, CentOS, Fedora, Ubuntu, Debian, SUSE, 2021, 2022, RHSB-2021-009, CVE-2021-44228, Red Hat Security Bulletin, RHSB, security bulletin

My Ansible Playbook code was officially included in the Red Hat Security Bulletin RHSB-2021-009 Log4Shell - Remote Code Execution - log4j (CVE-2021-44228).

Detect Apache Log4j CVE-2021-44228 with Ansible Playbook

December 22, 2021
Posted by Luca Berton
ansible, log4j, log4shell, module, linux, security, devsecops, RHEL, CentOS, Fedora, Ubuntu, Debian, SUSE

How to automate the Detector Log4Shell Remote Code Execution Log4j (CVE-2021–44228)?