2022-01-26 09:44 Serious vulnerability in pwnkit (CVE-2021-4034)
Pwnkit is installed by default in most linux distributions, there is no permanent fix yet but there is a workaround, you can remove the suid bit from the binary using chmod 0755 /usr/bin/pkexec and that will make it impossible to exploit this bug. Pkexec is installed by default on all major Linux distributions. Pkexec has been vulnerable since its creation in May 2009. Any unprivileged local user can exploit this vulnerability to get full root privileges. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034
...