PwnKit: Local Privilege Escalation (LPE) in Polkit’s pkexec (CVE-2021-4034)

Summary On January 25, researchers at Qualys disclosed a high severity local privilege escalation (LPE) vulnerability affecting Linux’s policy kits (Polkit) pkexec utility. Pkexec is