Attackers can easily exploit a memory corruption vulnerability known as CVE-2021-4034 (PwnKit) that is used in popular Linux distributions to gain full root access.
What is CVE-2021-4034 (PwnKit)?Â
CVE-2021-4034 – called PwnKit by the Qualys researchers who discovered it – is a vulnerability in the PolKit pkexec utility that was introduced in May 2009.
Bharat Jogi, Director of Vulnerability and Threat Research at Qualys explains that PwnKit is “a memory corruption vulnerability in Polkit’s, which allows any unprivileged user to gain full root privileges on a vulnerable system using default polkit configuration,â€
PwnKit’s exploitability has been confirmed. Patches have already been made available to address the vulnerability and prevent further exploitation.
Additionally, the issue was detected in a user using an ARM64 system:
“Since most major distributions already released patches, the best option now is to install the patches. Of course, you’ll need to do it on all systems. If you cannot, or if there are no patches available, you can prevent the vulnerability from being exploited by removing the SUID bit from the pkexec tool; just make sure that you are not breaking anything,†he advised.
Users and administrators are urged to apply the provided patches / upgrades immediately, particularly on multi-user systems, Zdrnja noted.
Continue reading at HelpNetSecurity or BleepingComputer
