CISA Sounds the Alarm Over High-Severity Bug in All Major Linux Distros
A high-severity Linux vulnerability capable of granting abusers root access to target endpoints is being exploited in the wild, researchers have warned.
The flaw is found in Polkit’s pcexec component, which can be found in pretty much all major Linux distributions. Tracked as CVE-2021-4034, the flaw is dubbed PwnKit, and is described as a memory corruption bug.
It allows threat actors full root privileges on Linux systems with default setups. What’s more, threat actors can exploit the bug without leaving a trace on the compromised endpoint.