Linux / Unix

Local Privilege Escalation Vulnerability in all major Linux distributions

Last night, security firm Qualys released information about a critical vulnerability in all major Linux distributions.

The vulnerability is due to a bug in the “Polkit” program and is labeled CVE-2021-4034. Polkit is a program that allows unauthorized processes to communicate with authorized processes.

By exploiting the bug in Polkit, a local user can easily gain root privileges on a system. This only applies to local users on your VPS: without already having access to an operating system via SSH or the VPS console in the TransIP control panel, it is not possible to exploit this vulnerability.

Regardless of whether or not there are local users on your VPS, for security reasons it is recommended to update VPS/Servers.

Use the commands below and restart your VPS/servers afterward. 

Ubuntu/Debian: sudo apt -y update && sudo apt -y upgrade
CentOS/AlmaLinux: sudo yum -y update
Fedora: sudo dnf upgrade --refresh
Author: Danyal
I'm a skilled programmer specializing in Vue.js/Nuxt.js for front-end development and PHP Laravel for back-end solutions. I have a strong focus on API design and development, complemented by experience in web server setup and maintenance. My versatile expertise ensures seamless creation and maintenance of web applications, covering everything from intuitive user interfaces to robust server-side functionality. Passionate about coding and driven by a lifelong learning mindset, I invite you to explore more at danyal.dk.