Sometimes, it can take a long time before a vulnerability is exploited. In the case of this Polkit (formerly known as PolicyKit) issue, we’re talking about a 12-year-old bug that’s just been discovered and shown off in a proof of concept.
According to researchers at Qualys, this Polkit vulnerability is in the default configuration of all major Linux distributions. It can be used to gain full root access to a system, which can open up a whole new world of problems.
“The Qualys Research Team has discovered a memory corruption vulnerability in polkit’s pkexec, a SUID-root program that is installed by default on every major Linux distribution. This easily exploited vulnerability allows any unprivileged user to gain full root privileges on a vulnerable host by exploiting this vulnerability in its default configuration,” said Bharat Jogi, Director, Vulnerability and Threat Research, Qualys.
The bug is called CVE-2021-4034 or PwnKit, and it’s definitely something you want to watch out for if you’re a Linux user. The issue isn’t part of the Linux kernel itself, but part of the Polkit software that’s installed on almost every major distro.
You can read all of the technical details about the exploit on the Qualys website if you want to know more about how it works.
Thankfully, several of the major Linux distros have already started rolling out updates that fix the vulnerability. Both Ubuntu and Debian 11 have received patches, and we expect others to follow in short order. Regardless of which Linux distro you use, run its update tool as soon as you can to make sure you have the latest version with the fix.