CVE-2020-1712

A flaw in systemd prior to version v245-rc1 has been discovered, involving the use-after-free vulnerability in asynchronous Polkit queries during the handling of dbus messages. An attacker, with local unprivileged access, can exploit this issue by sending specially crafted dbus messages, resulting in either crashing of systemd services or potentially executing arbitrary code and gaining elevated privileges.