Ubuntu Security Notice 1115-1 - Romain Perier discovered that the language-selector D-Bus backend did not correctly check for Policy Kit authorizations. A local attacker could exploit this to inject shell commands into the system-wide locale configuration file, leading to root privilege escalation.
9adcdb45a05761524f5baaa6558fa3bb665b5121e28ae6c04e06590ad6778447