KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.
https://security.gentoo.org/glsa/201706-29
https://access.redhat.com/errata/RHSA-2017:1264
http://www.securityfocus.com/bid/98412