InfoSec Experts Advise On A 12-year-old Vulnerability Discovered In Polkit For Linux

By   ISBuzz Team
Writer , Information Security Buzz | Jan 27, 2022 01:11 am PST

Another critical open source vulnerability has been discovered. This time it is in a popular component used in major Linux distributions and some UNIX-like operating systems, so it has the potential to impact software development organisations far and wide. PolKit, which provides methods for nonprivileged processes to interact with privileged ones, has been assigned CVE-2021-4034 and dubbed “PwnKit.”

Tim Mackey, principal security strategist at Synopsys Cybersecurity Research Center and Travis Biehn, principal security consultant at Synopsys Software Integrity Group shares their thoughts on the incident.