Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug The GitHub Blog
https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/

>polkit is a system service installed by default on many Linux distributions. It’s used by systemd, so any Linux distribution that uses systemd also uses polkit. As a member of GitHub Security Lab, my job is to help improve the security of open source software by finding and reporting vulnerabilities. A few weeks ago, I found a privilege escalation vulnerability in polkit. I coordinated the disclosure of the vulnerability with the polkit maintainers and with Red Hat’s security team. It was publicly disclosed, the fix was released on June 3, 2021, and it was assigned CVE-2021-3560.
>
>The vulnerability enables an unprivileged local user to get a root shell on the system. It’s easy to exploit with a few standard command line tools, as you can see in this short video. In this blog post, I’ll explain how the exploit works and show you where the bug was in the source code.
>...