A memory corruption vulnerability (CVE-2021-4034) in PolKit, a component used in major Linux distributions and some Unix-like operating systems, can be easily exploited by local unprivileged users to gain full root privileges. While the vulnerability is not exploitable remotely and doesn’t, in itself, allow arbitrary code execution, it can be used by attackers that have already gained a foothold on a vulnerable host to escalate their privileges and achieve that capability. About the vulnerability (CVE-2021-4034) … More
The post PolKit vulnerability can give attackers root on many Linux distros (CVE-2021-4034) appeared first on Help Net Security.
Source: help net security.com