This is a PoC for the PwnKit local privilege escalation vulnerability discovered by the Qualys Security Team.
The Qualys Research Team has discovered a memory corruption vulnerability in polkit’s pkexec, a SUID-root program that is installed by default on every major Linux distribution.
The following image shows the payload in action on a Debian-based operating system.
- Two PoCs are provided; one of them is self-contained and does not require any dependencies (e.g. GCC) to be installed on the vulnerable endpoint.
- The immediate recommendation was to remove the SUID bit from the polkit `pkexec` binary/executable.