Ubuntu Security Notice 3938-1 - Jann Horn discovered that pam_systemd created logind sessions using some parameters from the environment. A local attacker could exploit this in order to spoof the active session and gain additional PolicyKit privileges.
04cac38809c24fd6bf8181037a959b4415679aa832a9f2d739d10fbaf31ce2c4