A memory corruption vulnerability has been uncovered in Polkits pkexec, a SUID-root program that is installed by default on every major Linux distribution. The vulnerability, dubbed Pwnkit, can be exploited in its default configuration to allow unprivileged user to gain full root privileges on a vulnerable host. Polkit is a component for controlling systemwide privileges in Unix-like operating systems. It provides an organized way for nonprivileged processes to communicate with privileged processes.”]
Source: https://www.fraudtoday.io/flaw-in-polkits-pkexec-puts-linux-users-at-risk-a-18398