The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week moved toadda Linux vulnerability dubbedPwnKitto itsKnown Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The issue, tracked asCVE-2021-4034(CVSS score: 7.8), came to light in January 2022 and concerns a case oflocal privilege escalationin polkit’s pkexec utility, which allows an