Not sure whether exploit has been patched

[cosinekitty]

Very interesting video explanation. Thank you! I tried running this on my local Debian system and got this:

$ ./pwnkit
pkexec --version |
       --help |
       --disable-internal-agent |
       [--user username] PROGRAM [ARGUMENTS...]

See the pkexec manual page for more details.
$

So apparently it did not escalate me to root. But I don't think I updated recently enough to be protected. If this is of interest, I can provide more info.

[supaplextor]

@cosinekitty The prior DSA (Debian Security Announce) is listed. See https://security-tracker.debian.org/tracker/CVE-2021-4034

Use apt-cache policy policykit-1 to see where debs are fetched from and what versions apply.

[omit66]

I tried running this using your docker container and I got the same error.