Every major Linux distribution has an easily exploited memory-corruption bug that’s been lurking for 12 years – a stunning revelation that’s likely to be followed soon by in-the-wild exploits. Found in polkit’s pkexec – a tool for controlling system-wide privileges in Unix-like operating systems that allows a user to execute commands as another user, serving as an alternative to sudo – successful exploitation gives full root access to any unprivileged user.
Read full article on Threat Post