Short bio: Computer Scientist, FOSS supporter (read more)
Tux Machines (TM)-specific
Sebastian Krahmer from the SUSE Security team has found a vulnerability in KDM which will allow a local user to elevate their privileges to root access. You can see more about vulnerability and install the fix below, although I expect all distributions to already have the fix applied, or to have it applied very shortly.
1. Systems affected:
KDM as shipped with KDE SC 2.2.0 up to including KDE SC 4.4.2
KDM contains a race condition that allows local attackers to
make arbitrary files on the system world-writeable. This can
happen while KDM tries to create its control socket during
user login. This vulnerability has been discovered by
Sebastian Krahmer from the SUSE Security Team.