“12 Years”!?! Well, “Open Source” doesn’t mean ‘Secure OS‘.
Security researchers from Qualys have just discovered a 12-year-old Linux vulnerability that has remained undetected until now. The bug, dubbed PwnKit, allows hackers to gain full root privileges through an unprivileged user, thanks to a memory corruption vulnerability in polkit’s pkexec. This is a SUID-root program installed on every major Linux distro.
Thankfully this vulnerability was discovered by responsible security researchers and, as far as we know, hasn’t been exploited in the wild just yet. However, the exploit could soon become public, allowing anyone to get their hands on this hack.
Linux is ‘n has been a Hacker’s Paradise for decades. Will add this news to the *Linux Security Issues* page.
LINUX IS LIKE A BOX OF CHOCOLATES – you never know what you’re gonna get!