The Qualys Research Team has discovered a memory corruption vulnerability in polkit’s pkexec, a SUID-root program that is installed by default on every major Linux distribution. This easily exploited vulnerability allows any unprivileged user to gain full root privileges on a vulnerable host by exploiting this vulnerability in its default configuration. About Polkit pkexec for Linux Polkit (former
![PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034) | Qualys Security Blog](https://cdn-ak-scissors.b.st-hatena.com/image/square/cfd5f25d2d03cc8ee36c96830bb95a3ad8692cb2/height=288;version=1;width=512/https%3A%2F%2Fik.imagekit.io%2Fqualys%2Femails%2Fpwnkit-twitter_tsK5u-ACr.png%3Fik-sdk-version%3Djavascript-1.4.3%26updatedAt%3D1643149580450%26tr%3Dw-1200%252Ch-675%252Cfo-auto)