Alasdair MacGregor discovered that mountall created a udev rule file with world-writable permissions. A local attacker could exploit this under certain conditions to cause udev to execute arbitrary commands as the root user.