MaGe Linux Operations

Feb 4, 2022 · Information Security

How a 12-Year-Old Linux Polkit Flaw (CVE-2021-4034) Grants Unlimited Root Access

Researchers uncovered a 12‑year‑old vulnerability in Linux’s Polkit (CVE‑2021‑4034, dubbed PwnKit) that lets attackers exploit the pkexec utility to gain unrestricted root privileges on most major distributions, prompting urgent patching recommendations and mitigation steps for administrators.