Advisories

Discover Security Vulnerabilities News

Discover How To Secure My Firewall HOWTOs

Linux system service bug lets you get root on most modern distros

Linux system service bug lets you get root on most modern distros

Unprivileged attackers can get a root shell by exploiting an authentication bypass vulnerability in the polkit auth system service installed by default on many modern Linux distributions. This polkit local privilege escalation bug (tracked as CVE-2021-3560) was publicly disclosed, and a fix was released on June 3, 2021.

It was introduced seven years ago in version 0.113 and was only recently discovered by GitHub Security Lab security researcher Kevin Backhouse.

Even though many Linux distributions haven't shipped with the vulnerable polkit version until recently, any Linux system shipping with polkit 0.113 or later installed is exposed to attacks.

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.