Yesterday users of Linux woke up to news of a new vulnerability to be concerned about, one that has actually existed for twelve years. The vulnerability is a memory corruption vulnerability and it exists within a system tool called Polkit, previously called PolicyKit, and can give unauthorized individuals root access to machines that run most distributions of Linux. If access is obtained by the wrong individuals, it could be used to run malicious code on otherwise protected machines.
Luckily this vulnerability, now referred to as PwnKit, named by the researchers at Qualys who originally discovered it, is not exploitable remotely, and is only a concern regarding local users who have some level of access to the Linux machines, but not root access. Bharat Jogi, Director of Vulnerability and Threat Research at Qualys explains, “Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems. It provides an organized way for non-privileged processes to communicate with privileged processes. It is also possible to use polkit to execute commands with elevated privileges using the command pkexec followed by the command intended to be executed (with root permission),” explained Bharat Jogi, Director of Vulnerability and Threat Research at Qualys.
Since being notified of the exploit, patches have been being quickly deployed to fix the flaw and put users' minds at ease. So far the installations of Linux confirmed to be vulnerable to this exploit are Ubuntu, Fedora, Debian, and CentOS, but users of all Linux distributions are urged to update to their distributions latest version to eliminate the potential of being affected by this exploit.