Web: https://www.linuxsecurity.com/features/features/qualys-research-team-discovers-vulnerability-in-polkit-s-pkexec?rss

Jan. 26, 2022, 6:52 p.m. | Justice Levine

LinuxSecurity.com - Hybrid RSS linuxsecurity.com

The Qualys Research Team reached out to LinuxSecurity after discovering a memory corruption vulnerability in polkit's pkexec. Pkexec is a SUID-root program that is installed by default on every major Linux distribution of the open-source operating system. This vulnerability is easily exploited and gives hackers the opportunity to gain full root privileges on a vulnerable host. Much like the Log4j vulnerability, the severity of this flaw is high and it is imperative that vulnerabilities are reported in a timely fashion. …

features linux linux security polkit qualys research security team vulnerability

Senior Incident Responder

@ CipherTechs, Inc. | Remote

Data Security DevOps Engineer Senior/Intermediate

@ University of Michigan - ITS | Ann Arbor, MI

Senior Penetration Tester

@ CipherTechs, Inc. | Remote

Data Analyst

@ SkyePoint Decisions | Washington, DC

POA&M Analyst

@ SkyePoint Decisions | Washington, DC

PKI Systems Engineer

@ SkyePoint Decisions | Springfield, VA