https://github.com/ubuntu/authd/security/advisories/GHSA-g8qw-mgjx-rwjr

When a user who hasn't logged in to the system before (i.e. doesn't exist in the authd user database) logs in via SSH, the user is considered a member of the root group in the context of the SSH session. That leads to a local privilege escalation if the user should not have root privileges.