Local privilege escalation in pkexec, a core Linux system component

Posted on January 25, 2022 in Operating Systems

A local privilege escalation bug (from any user to root) has been found polkit's pkexec, and exploit code is available. This binary is a SUID root program available on every major Linux distro, and is most commonly installed if a GUI is present. The flaw has been assigned a bug alert severity of 'very high'.

Continue reading