PwnKit Linux Vulnerability Discovered And Fixed After 12 Years

Researchers have discovered a new Linux vulnerability, dubbed “PwnKit” which has riddled various Linux distros for over a decade. The vulnerability has finally received fixes after the bug report. Users should now ensure patching their systems with the latest updates.

PwnKit Linux Vulnerability

According to a report from Qualys, a memory corruption vulnerability ditched the cybersecurity community’s attention for 12 years.

Elaborating on the details, the researchers stated that the vulnerability, now labeled “PwnKit,” existed in the Polkit Linux component.

Briefly, Polkit (previously known as PolicyKit) is a dedicated component regulating system-wide privileges. This component also facilitates organized communication between the privileged and non-privileged processes.

Moreover, Polkit also allows executing programs with elevated privileges using the command pkexec. That’s where the bug existed. As stated,

This easily exploited vulnerability allows any unprivileged user to gain full root privileges on a vulnerable host by exploiting this vulnerability in its default configuration.

Interestingly, this vulnerability remained under the radar since May 2009, affecting all pkexec versions from the very first version.

Moreover, since the component runs on all Linux distros, the bug (CVE-2021-4034) seemingly affects all of them. The researchers could demonstrate the exploit on Ubuntu, Fedora, Debian, and CentOS, gaining “full root privileges.”

Besides, Qualys confirmed that the vulnerable component also runs on some non-Linux systems. Though, the researchers didn’t test them.

While patches are gradually rolling out, for users where patches are currently not available, Qualys recommends the following mitigation.

you can remove the SUID-bit from pkexec as temporary mitigation; for example:
# chmod 0755 /usr/bin/pkexec

For now, no public exploits for the vulnerability are available. Nonetheless, given the easy exploitability of the flaw, the researchers fear that public exploits may surface online at any time.

Hence, users should rush to update their fixes or apply temporary mitigations to prevent any real-time threats.

Recently, another vulnerability in Linux Kernel has also received a fix, requiring users to patch it as well.

Related posts

Hackers Can Bypass Fingerprint Locks On Phones With BrutePrint Attack

GitLab Released Emergency Fix For Critical Vulnerability – Update Now!