Another reason (no longer under embargo):
A ZuluCrypt vulnerability - Debian issue:
Local privilege escalation via zuluPolkit, caused by Debian patch
Reported to Debian by @arraybolt3.
Not a ZuluCrypt upstream (original developer) issue.
This is non-exploitable in Kicksecure, Whonix if user-sysmaint-split (see wiki) is installed.