Sebastian Krahmer discovered a race condition in the KDE Display Manager . A local attacker could exploit this to change the permissions on arbitrary files, thus allowing privilege escalation.