polkit has been allowing root for 12+ years

[…]Polkit, previously known as PolicyKit, is a tool for setting up policies governing how unprivileged processes interact with privileged ones. The vulnerability resides within polkit’s pkexec, a SUID-root program that’s installed by default on all major Linux distributions. Designated CVE-2021-4034, the vulnerability has been given a CVSS score of 7.8. Bharat Jogi, director of vulnerability Read more about polkit has been allowing root for 12+ years[…]