This flaw can be used across Linux powered computers, servers and even android devices.
We uncovered a bug that impacts all Linux platforms, including mobile devices, and were calling it grinch.
Exploitation of the logging system
This isnt the first major vulnerability to be uncovered in Linux.
Further digging led them to grinch.
For directly executed tools, Polkit provides a setuid-root helper program called pkexec.
Whichever method the attacker uses, the goal is to gain root access to the system.
Not to mention the half a billion users of Android around the world who stand in risk.
Know how your Linux administrator is installing packages and managing updates.
On the bright side, the researchers also denied any news of this vulnerability ever being used so far.
So no major damage has been done.
Until and unless a patch is released all the devices running on Linux are vulnerable to Grinch.
source: www.techworm.net
