The Qualys research team discovered a vulnerability in polkit’s pkexec which allows unauthorized local privilege escalation to root. This vulnerability is impacting almost all Linux Operating Systems. For those of you who are not familiar with polkit package, this package is responsible for managing and controlling communication between non-privileged processes and privileged ones.

Red Hat was aware this vulnerability since mid-November 2021 and they have release advisory for effected versions. To read more please click here.

We strongly advise our Linux VPS, VM and Dedicated server clients to update / apply the patches as soon as it become available.