pwnkit
Safeguard articles tagged "pwnkit" — guides, analysis, and best practices for software supply chain and application security.
4 articles
PwnKit (CVE-2021-4034) Explained: Root From a 12-Year-Old Polkit Bug
CVE-2021-4034, aka PwnKit, is a memory-corruption flaw in polkit's pkexec that gives any local user reliable root on nearly every Linux distribution. Here is how it works and how to close it.
PwnKit Five Years On: Why CVE-2021-4034 Still Lives in Production
PwnKit was a trivial local privilege escalation in polkit that affected nearly every Linux distribution for over a decade. The technical details and the residual risk in 2026.
PwnKit polkit pkexec local privilege escalation (CVE-2021-4034)
PwnKit (CVE-2021-4034) is a 12-year-old polkit pkexec flaw giving any local user instant root on most Linux distros. Here's the full breakdown and fix.
Polkit pkexec Privilege Escalation: CVE-2021-4034 (PwnKit)
A 12-year-old memory corruption bug in Polkit's pkexec gave any unprivileged local user instant root access on virtually every major Linux distribution. Here's why it matters.