Researchers at Qualys refuse to release exploit code for five bugs in the Linux world's needrestart utility that allow unprivileged local attackers to gain root access without any user interaction. //

The little tool is available separately and in various Linux distributions, and as Abbasi highlighted, is present by default in Ubuntu Server, at least. //

Needrestart is installed by default and was introduced in version 0.8 more than ten years ago. All versions of the utility before 3.8 are considered vulnerable and attackers could execute code as root. Versions after 3.8 have the fix applied.