A serious memory corruption vulnerability in polkit (formerly PolicyKit) has finally been discovered after 12+ years. This program is found in essentially all modern Linux distributions.
The most likely attack scenario is from an internal threat where a malicious user can escalate from no privileges whatsoever to full root privileges. From an external threat perspective, if an attacker has been able to gain foothold on a system via another vulnerability or a password breach, that attacker can then escalate to full root privileges through this vulnerability.
There are some useful links on the reddit thread:
https://teddit.net/r/linux/comments/sct9ld/linux_system_service_bug_gives_root_on_all_major/