Polkit's pkexec (CVE-2021-4034): Major vulnerability requires patching server infrastructure

Recently a major security vulnerability was discovered in Polkit; essentially all Linux systems (since May 2009, yes, 2009) that have shell access are exploitable to get root access. The exploit works almost instantly.

So, if a number of people have shell access to the servers, monitor such vulnerabilities & patch them ASAP: they become a center of attention for hackers, who tend to construct multistage exploits, and in combination with almost any remote execution that gives user shell access (like the recent log4j CVE-2021-44228), it becomes remote root execution. It is better to await the patch/update ASAP.

The initial source of the security information was a report by the security company Qualys.


To determine by eye which servers may have polkit, one can look at the first degree of package dependencies, for example on Arch Linux: polkit 0.120-4 (x86_64).

A lot of more modern AAA software & libs are based on it: { libvirt, udisks2, sysprof, accountsservice, packagekit, gufw, flatpak, fwupd, usbguard }, to name a few of the most frequent server libs/tools from the list.

Also, it is a nice time to think & check whether backups are available to be restored.

Besides that, it is better to refer to online materials on mitigation.
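A small host-triage helper for the two points made above (is pkexec present and setuid on this host, and which of the listed polkit consumers are installed), as an added example that is not part of the thread or of the polkit project. It assumes a Linux host with GNU coreutils `stat` and a package listing in `name version` form such as `pacman -Q` or `dpkg-query -W -f='${Package} ${Version}\n'` produces; the sample input in the test is constructed.

```shell
#!/bin/sh
# Added triage helpers (example code, not from the thread). Assumes a Linux
# host with GNU coreutils 'stat'; package lines are "name version", as printed
# by `pacman -Q` or `dpkg-query -W -f='${Package} ${Version}\n'`.

# Polkit itself plus the frequent server-side consumers the thread lists.
POLKIT_CONSUMERS="polkit libvirt udisks2 sysprof accountsservice packagekit gufw flatpak fwupd usbguard"

# pkexec is only reachable as a local escalation vector while it is setuid root.
# Returns 0 if FILE exists with the setuid bit set, 1 if it exists without it,
# 2 if it is absent (no pkexec at that path, nothing to patch there).
pkexec_setuid_status() {
    file="$1"
    [ -e "$file" ] || return 2
    # GNU stat %a prints the octal mode, e.g. 4755; a leading 4, 5, 6 or 7
    # means the setuid bit (04000) is set in the high digit.
    mode=$(stat -c '%a' "$file")
    case "$mode" in
        [4567]???) return 0 ;;
        *) return 1 ;;
    esac
}

# Filter a "name version" package list (stdin) down to polkit and the
# consumers above, so an inventory dump shows which hosts need attention.
flag_polkit_consumers() {
    while read -r name version; do
        for pkg in $POLKIT_CONSUMERS; do
            if [ "$name" = "$pkg" ]; then
                printf '%s %s\n' "$name" "$version"
                break
            fi
        done
    done
}

# Stand-alone use (set PKEXEC_TRIAGE_RUN=1): report the local pkexec status and
# the installed consumers from a pacman or dpkg-query listing piped on stdin.
if [ -n "${PKEXEC_TRIAGE_RUN:-}" ]; then
    rc=0
    pkexec_setuid_status /usr/bin/pkexec || rc=$?
    case $rc in
        0) echo "pkexec is setuid root: confirm the polkit package carries the CVE-2021-4034 fix" ;;
        1) echo "pkexec present without the setuid bit" ;;
        2) echo "no /usr/bin/pkexec on this host" ;;
    esac
    echo "installed polkit consumers:"
    flag_polkit_consumers
fi
```

Typical invocation on an Arch host: `pacman -Q | PKEXEC_TRIAGE_RUN=1 sh polkit_triage.sh`.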