Authored by Tanishq Sharma, Shikhar Saxena, Rushil Saxena

This document covers a vulnerability in policy kit (polkit) used on many Linux distributions, which enables an unprivileged local user to get a privileged shell (root) on the system by manually sending dbus messages to the dbus-daemon, then killing the request before it has been fully processed.

advisories | CVE-2021-3560