It's probably not too wrong to say that the new year of 2022 hasn't been the best of starts for Linux when it comes to malware and security. Only recently, there was a report about a tenfold increase in Linux malware samples, and earlier today, we have a new report of a new exploitable security bug dubbed "PwnKit" that apparently flew under the radar for 12+ years.
Linux security researchers over at Qualys have uncovered this dangerous security vulnerability that leaves all major Linux distributions vulnerable and exploitable to local privilege escalation (LPE). The new vulnerability has been assigned the ID "CVE-2021-4034".
The team of researchers says that using the exploit, it was able to obtain full root privileges on default installations of some of these Linux distros like Ubuntu, Debian, Fedora, and CentOS, and also believes that other Linux distributions should be affected too. That's because the flaw discovered is a memory corruption vulnerability in Polkit's pkexec program, a SUID-root program that is installed on all major Linux distributions.
Since the flaw has been present in the pkexec since its very beginning, Qualys thinks that the Linux distros have been sitting ducks for hackers for the last 12+ years. While the vulnerability is not exploitable remotely, a hacker who gains access as an unprivileged user will be able to take advantage of it to get root access.
The security research firm has provided a demonstration below of the exploit in action:
You can find more technical details on Qualys' blog post linked here.