Microsoft 365 Defender researcher team discovered a privilege escalation vulnerability dubbed Nimbuspwn allowing an attacker to gain root privileges and deploy malicious payloads.
Qualys researchers said the 12-year-old memory corruption local privilege escalation vulnerability on polkit's Set User ID program pkexec is easily exploitable by novice attackers and affects every major Linux distribution.
