A seven-year-old privilege escalation vulnerability that’s been lurking in several Linux distributions was patched last week in a coordinated disclosure. In a blog post on Thursday, GitHub security researcher Kevin Backhouse recounted how he found the bug (CVE-2021-3560) in a service called polkit that is used in systemd, a common Linux system and service manager component.
Read full article on The Register