mutur4 / CVE-2021-4034

A pwnkit N-Day exploit

CVE-2021-4034

This is a PoC for the PwnKit local privilege escalation vulnerability, which was discovered by the Qualys security team.

The Qualys Research Team has discovered a memory corruption vulnerability in polkit’s pkexec, a SUID-root program that is installed by default on every major Linux distribution.

Proof Of Concept

The following image shows the payload in action on a Debian-based operating system:

poc.png

Usage

  • Two PoCs are provided, including a self-contained one that does not require any dependencies, i.e. GCC, to be installed on the vulnerable endpoint.

Recommendations

  • The immediate recommendation was to remove the SUID bit of the polkit binary/executable.
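
One way to check for and apply this mitigation, as an added example that is not part of the original repository. The function names and the fallback path /usr/bin/pkexec are assumptions; adjust the path for your distribution.

```shell
#!/bin/sh
# Added example: audit and remove the SUID bit on pkexec (mitigation for CVE-2021-4034).
# Assumption: pkexec is found via PATH or at /usr/bin/pkexec.

# Print "missing", "suid" or "not-suid" for the given file.
suid_state() {
    if [ ! -e "$1" ]; then
        echo "missing"
    elif [ -u "$1" ]; then
        echo "suid"
    else
        echo "not-suid"
    fi
}

# Remove the setuid bit and confirm it is gone. Returns non-zero on failure.
strip_suid() {
    chmod u-s "$1" || return 1
    [ "$(suid_state "$1")" = "not-suid" ]
}

# Locate pkexec: PATH first, then the usual location (assumed).
find_pkexec() {
    command -v pkexec 2>/dev/null || echo /usr/bin/pkexec
}

# Report the state; with "fix" as first argument, also remove the bit (needs root).
audit_pkexec() {
    target=$(find_pkexec)
    state=$(suid_state "$target")
    echo "$target: $state"
    if [ "$state" = "suid" ] && [ "${1:-}" = "fix" ]; then
        strip_suid "$target" && echo "$target: SUID bit removed"
    fi
}

# Run only when asked: sh pkexec_suid.sh audit   or   sh pkexec_suid.sh audit fix
if [ "${1:-}" = "audit" ]; then
    audit_pkexec "${2:-}"
fi
```

With the SUID bit removed, pkexec can no longer elevate privileges, so software that relies on it will fail until the bit is restored.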

Languages

C 96.2%, Makefile 3.8%