The flaw, dubbed 'Sequoia' and tracked as CVE ... local users to bypass authorisation and gain root access. The bug existed in Polkit System Service and was patched last month.