By Ravie Lakshmanan
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week moved toΒ addΒ a Linux vulnerability dubbedΒ PwnKitΒ to itsΒ Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation.
The issue, tracked asΒ CVE-2021-4034Β (CVSS score: 7.8), came to light in January 2022 and concerns a case ofΒ local privilege escalationΒ in polkit's pkexec utility, which allows an