A 12-year-old Polkit vulnerability has been disclosed that allows users to gain full root access. The vulnerability stems from a memory corruption issue and has been listed as CVE-2021-4034.
Polkit is a component that manages system-wide privileges. It allows non-privileged processes to communicate with privileged processes in a structured manner. First released in 2009, Polkit was renamed in 2012 from PolicyKit to Polkit. Over time multiple Linux-based distributions have included Polkit like Fedora, Ubuntu since version 8.04 and openSUSE since version 10.3.
The flaw, dubbed “PwnKit”, affects polkit’s pkexec component, which is installed by default on every major Linux distribution and allows attackers that have gained access to a system to perform actions with full root access. The vulnerability has been given the identifier CVE-2021-4034 and was disclosed to Linux vendors on November 18, 2021. Yesterday both RedHat and Ubuntu, released their updates and security advisories to fix the issue with others expected to follow soon.
To ensure your Linux devices are secure, it is recommended that you check if your Linux machines have been updated and the Polkit version included in your distribution has been updated with a fixed version. This information should be provided on the distribution’s website similar to RedHat and Ubuntu.
To help with this process, we’ve created a specialized report that provided an overview of all your Linux machines along with the Polkit version installed. Since every version of a distribution can have a different Polkit version, it is important to check the distribution’s website for specific information on which Polkit version has a fix included for CVE-2021-4034
