{"id":45008,"date":"2022-01-26T14:34:43","date_gmt":"2022-01-26T14:34:43","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/33040\/A-Bug-Lurking-For-12-Years-Gives-Attackers-Root-On-Every-Major-Linux-Distro.html"},"modified":"2022-01-26T14:34:43","modified_gmt":"2022-01-26T14:34:43","slug":"a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/","title":{"rendered":"A Bug Lurking For 12 Years Gives Attackers Root On Every Major Linux Distro"},"content":{"rendered":"<figure class=\"intro-image intro-left\"> <img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/01\/cyber-800x534.jpeg\" alt=\"A laptop screen filled with stylized illustration of cybercrime.\"><figcaption class=\"caption\"><\/figcaption><\/figure>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\"> <a title=\"97 posters participating, including story author\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2022\/01\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/?comments=1\"> <\/p>\n<h4 class=\"comment-count-before\">reader comments<\/h4>\n<p> <span class=\"comment-count-number\">153<\/span> <span class=\"visually-hidden\"> with 97 posters participating, including story author<\/span> <\/a> <\/p>\n<div class=\"share-links\">\n<h4>Share this story<\/h4>\n<\/p><\/div>\n<\/aside>\n<p> <!-- cache hit 416:single\/related:daaf31fe777ac722c5497d0ef1ee9afa --><!-- empty --><\/p>\n<p>Linux users on Tuesday got a major dose of bad news\u2014a 12-year-old vulnerability in a system tool called Polkit gives attackers unfettered root privileges on machines running most major distributions of the open source operating system.<\/p>\n<p>Previously called PolicyKit, Polkit manages system-wide privileges in Unix-like OSes. It provides a mechanism for nonprivileged processes to safely interact with privileged processes. It also allows users to execute commands with high privileges by using a component called pkexec, followed by the command.<\/p>\n<h2>Trivial to exploit and 100 percent reliable<\/h2>\n<p>Like most OSes, Linux provides a hierarchy of permission levels that controls when and what apps or users can interact with sensitive system resources. The design is intended to limit the damage that can happen&nbsp;if a user isn\u2019t trusted to have administrative control of a network or if the app is hacked or malicious.<\/p>\n<p>Since 2009, pkexec has contained a memory-corruption vulnerability that people with limited control of a vulnerable machine can exploit to escalate privileges all the way to root. Exploiting the flaw is trivial and, by some accounts, <a href=\"https:\/\/www.sesin.at\/2022\/01\/25\/local-privilege-escalation-vulnerability-in-polkits-pkexec-cve-2021-4034-tue-jan-25th\/\">100 percent reliable<\/a>. Attackers who already have a toehold on a vulnerable machine can abuse the vulnerability to ensure a malicious payload or command runs with the highest system rights available. PwnKit, as researchers are calling the vulnerability, is also exploitable even if the Polkit daemon itself isn\u2019t running.<\/p>\n<p>PwnKit was discovered by researchers from security firm Qualys in November and was <a href=\"https:\/\/blog.qualys.com\/vulnerabilities-threat-research\/2022\/01\/25\/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034\">disclosed on Tuesday<\/a> after being patched in most Linux distributions. PwnKit is tracked as CVE-2021-4034.<\/p>\n<p>In an email, Qualys Director of Vulnerability Threat Research Bharat Jogi wrote:<\/p>\n<blockquote>\n<p>The most likely attack scenario is from an internal threat where a malicious user can escalate from no privileges whatsoever to full root privileges. From an external threat perspective, if an attacker has been able to gain foothold on a system via another vulnerability or a password breach, that attacker can then escalate to full root privileges through this vulnerability.<\/p>\n<\/blockquote>\n<p>Jogi said exploits require local authenticated access to the vulnerable machine and can&#8217;t be run remotely without such authentication. Here\u2019s a <a href=\"https:\/\/vimeo.com\/669715589?embedded=true&amp;source=vimeo_logo&amp;owner=42884007\">video<\/a> of the exploit in action.<\/p>\n<aside class=\"ad_wrapper\" aria-label=\"In Content advertisement\"> <span class=\"ad_notice\">Advertisement <\/span> <\/aside>\n<figure class=\"video\">\n<div class=\"wrapper\"><iframe loading=\"lazy\" src=\"https:\/\/player.vimeo.com\/video\/669715589?color=ff9933\" width=\"560\" height=\"315\" frameborder=\"0\" allowfullscreen=\"true\">[embedded content]<\/iframe><\/div><figcaption class=\"caption\">\n<div class=\"caption-text\">PwnKit Vulnerability.<\/div>\n<\/figcaption><\/figure>\n<p>For now, Qualys isn\u2019t releasing proof-of-concept exploit code out of concern the code will prove more of a boon to black hats than to defenders. PoC code has been <a href=\"https:\/\/haxx.in\/files\/blasty-vs-pkexec.c\">released by another source<\/a>, and researchers said that it\u2019s only a matter of time until PwnKit is exploited in the wild.<\/p>\n<p>\u201cWe expect that the exploit will become public soon and that attackers will start exploiting it\u2014this is especially dangerous for any multi-user system that allows shell access to users,\u201d Bojan Zdrnja, a penetration tester and a handler at SANS, <a href=\"https:\/\/isc.sans.edu\/forums\/diary\/Local+privilege+escalation+vulnerability+in+polkits+pkexec+CVE20214034\/28272\/\">wrote<\/a>. The researcher said he successfully recreated an exploit that worked on a machine running Ubuntu 20.04.<\/p>\n<p>The Qualys researchers aren&#8217;t the only ones to stumble upon this vulnerability, or at least a very similar bug. In 2013, researcher Ryan Mallon publicly <a href=\"https:\/\/ryiron.wordpress.com\/2013\/12\/16\/argv-silliness\/\">reported much the same bug<\/a> and even <a href=\"https:\/\/twitter.com\/ryiron\/status\/1486207182404472832\">wrote a patch<\/a>, although he ultimately could find no way to exploit the vulnerability. And last June, Github security researcher Kevin Backhouse also <a href=\"https:\/\/github.blog\/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug\/\">reported a privilege escalation vulnerability<\/a>. It received the tracking designation of CVE-2021-3560 and a patch from major Linux distributors.<\/p>\n<div class=\"twitter-tweet\">\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">Lol, I blogged about this polkit vulnerability in 2013: <a href=\"https:\/\/t.co\/a6ciqwCmyt\">https:\/\/t.co\/a6ciqwCmyt<\/a>. I failed to find an actual avenue for exploitation, but did identify the root cause.<\/p>\n<p>\u2014 Ryan Mallon (@ryiron) <a href=\"https:\/\/twitter.com\/ryiron\/status\/1486207182404472832?ref_src=twsrc%5Etfw\">January 26, 2022<\/a><\/p><\/blockquote>\n<\/div>\n<figure class=\"image shortcode-img center full\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/01\/polkit_exploit.png\" width=\"580\" height=\"261\"><figcaption class=\"caption\"><\/figcaption><\/figure>\n<p>Major Linux distributors have released patches for the vulnerability, and security professionals are strongly urging administrators to prioritize installing the patch. Those who can\u2019t patch immediately should use the <code>chmod 0755 \/usr\/bin\/pkexec<\/code> command to remove the SUID-bit from pkexec, which prevents it from running as root when executed by a non-privileged user. Advisories from Debian, Ubuntu, and Red Hat are <a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2021-4034\">here<\/a>, <a href=\"https:\/\/ubuntu.com\/security\/cve-2021-4034\">here<\/a>, and <a href=\"https:\/\/access.redhat.com\/security\/cve\/CVE-2021-4034\">here<\/a>.<\/p>\n<p>Those who want to know if the vulnerability has been exploited on their systems can check for log entries that say either \u201cThe value for the SHELL variable was not found the \/etc\/shells file\u201d or \u201cThe value for environment variable [\u2026] contains suspicious content.\u201d Qualys, however, cautioned people that PwnKit is also exploitable without leaving any traces.<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/33040\/A-Bug-Lurking-For-12-Years-Gives-Attackers-Root-On-Every-Major-Linux-Distro.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":45009,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[9421],"class_list":["post-45008","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinehackerlinuxflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>A Bug Lurking For 12 Years Gives Attackers Root On Every Major Linux Distro 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"A Bug Lurking For 12 Years Gives Attackers Root On Every Major Linux Distro 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-01-26T14:34:43+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/01\/cyber-800x534.jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"A Bug Lurking For 12 Years Gives Attackers Root On Every Major Linux Distro\",\"datePublished\":\"2022-01-26T14:34:43+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/\"},\"wordCount\":723,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/01\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro.jpg\",\"keywords\":[\"headline,hacker,linux,flaw\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/\",\"name\":\"A Bug Lurking For 12 Years Gives Attackers Root On Every Major Linux Distro 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/01\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro.jpg\",\"datePublished\":\"2022-01-26T14:34:43+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/#primaryimage\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/01\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/01\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro.jpg\",\"width\":800,\"height\":534},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,linux,flaw\",\"item\":\"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerlinuxflaw\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"A Bug Lurking For 12 Years Gives Attackers Root On Every Major Linux Distro\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"A Bug Lurking For 12 Years Gives Attackers Root On Every Major Linux Distro 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/","og_locale":"en_US","og_type":"article","og_title":"A Bug Lurking For 12 Years Gives Attackers Root On Every Major Linux Distro 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-01-26T14:34:43+00:00","og_image":[{"url":"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/01\/cyber-800x534.jpeg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"A Bug Lurking For 12 Years Gives Attackers Root On Every Major Linux Distro","datePublished":"2022-01-26T14:34:43+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/"},"wordCount":723,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/01\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro.jpg","keywords":["headline,hacker,linux,flaw"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/","url":"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/","name":"A Bug Lurking For 12 Years Gives Attackers Root On Every Major Linux Distro 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/01\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro.jpg","datePublished":"2022-01-26T14:34:43+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/01\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/01\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro.jpg","width":800,"height":534},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,linux,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerlinuxflaw\/"},{"@type":"ListItem","position":3,"name":"A Bug Lurking For 12 Years Gives Attackers Root On Every Major Linux Distro"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45008","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=45008"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45008\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/45009"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=45008"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=45008"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=45008"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}