Linux security advisory (AV22-042)

Number: AV22-042
Date: 27 January 2022

On 25 January 2022 several Linux distributions released security updates to address a vulnerability in the following product:

  • PolKit – all versions

PolKit is a component for controlling system-wide privileges and is present in the default configuration of all major Linux distributions.

Exploitation of this vulnerability may lead to local privilege escalation to root.

Proof-of-concept exploit code has been released publicly.

Please note that the list below is not exhaustive and that other versions of Linux may also be affected.

The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates.

Red Hat
Qualys’ Disclosure

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: