InfoSec Experts Advise On A 12-year-old Vulnerability Discovered In Polkit For Linux

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1" class="logo-image logo-image-dark" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1" class="logo-image" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1" class="logo-image logo-image-dark" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1" class="logo-image" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

web vulnerability scanner

Another critical open source vulnerability has been discovered. This time it is in a popular component used in major Linux distributions and some UNIX-like operating systems, so it has the potential to impact software development organisations far and wide. PolKit, which provides methods for nonprivileged processes to interact with privileged ones, has been assigned CVE-2021-4034 and dubbed “PwnKit.”

Tim Mackey, principal security strategist at Synopsys Cybersecurity Research Center and Travis Biehn, principal security consultant at Synopsys Software Integrity Group shares their thoughts on the incident.

About the Author

ISBuzz Team

The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

Working With Us

Write For Us

The Pages