I first read about this today at Bleeping Computer.
Redhat already provides an update: polkit.x86_64 0:0.112-26.el7_9.1
I also saw my fedora laptop already was patched with the newest version of polkit.
Besides that, the vulnerability is only exploitable with direct access to a vulnerable device.
Anyone trying has to pass the man with the baseball bat first… rawrrr…
Output of rpm -qa polkit*
polkit-0.112-26.el7.x86_64
polkit-pkla-compat-0.1-4.el7.x86_64
Then after a Yum update… Polkit update rise like a hoping Dawn.
polkit-pkla-compat-0.1-4.el7.x86_64
polkit-0.112-26.el7_9.1.x86_64
My Nethserver also updated polkit.
Thanks for the replies, I was a bit behind in updates and these were waiting on me.
CentOS-minimal:
kernel-tools-libs@3.10.0-1160.53.1.el7 from ce-updates
polkit@0.112-26.el7_9.1 from ce-updates
openssl@1.0.2k-24.el7_9 from ce-updates
kernel@3.10.0-1160.53.1.el7 from ce-updates
kernel-tools@3.10.0-1160.53.1.el7 from ce-updates
openssl-libs@1.0.2k-24.el7_9 from ce-updates