Major Linux exploit found
Almost every distro is affected by a major vulnerability – make sure that your systems are patched.
A serious new vulnerability has been found in polkit’s pkexec application, which is installed by default in many Linux distros. Due to its popularity, and the fact that it’s used to control system-wide privileges, the vulnerability has resulted in a major security issue for millions of Linux systems.
Its discovery by researchers at Qualys (you can read the announcement at https://bit.ly/lxf287qualys) has got a lot of people concerned, with US National Security Agency (NSA) cybersecurity director Rob Joyce writing on Twitter (https://bit.ly/lxf287tweet) that the vulnerability “has me concerned. Easy and reliable privilege escalation preinstalled on every major Linux distribution.”
According to researchers, the vulnerability has been present since the first release of pkexec in May 2009, and any local user can exploit it to obtain full root privileges. It didn’t take long before PwnKit exploits using the vulnerability emerged.
If you’re running a vulnerable system (and because pkexec is included in almost all major distros, such as Ubuntu, Debian, Fedora and CentOS, it’s likely that you are), you should patch it immediately. CyberArk, a security firm, has also released the PwnKitHunter tool for Debian and Ubuntu (https://bit.ly/lxf287pwnkit-hunter) that will help you determine if your system is affected.
The fact that this vulnerability has been hanging around for so long is worrying, and as The Stack reports (https://bit.ly/lxf287thestack), security researcher Ryan Mallon claims he pointed out the vulnerability back in 2013. With the vulnerability now more widely reported, hopefully it will be taken more seriously, and other potential vulnerabilities within the default apps that come with our distributions will be thoroughly investigated.