A seven-year-old privilege escalation vulnerability discovered in the polkit system service could be exploited by a malicious unprivileged local attacker. The flaw affects polkit versions between 0.113 and 0.118 and was discovered by GitHub security researcher Kevin Backhouse. The issue has been mitigated in version 0.119, which was released on June 3. Red Hat’s Cedric Buissart noted that Debian-based distributions, based on polkit 0.105, are also vulnerable.
Source: https://thehackernews.com/2021/06/7-year-old-polkit-flaw-lets.html