A vulnerability exists in the gpm-root program, part of the gpm package. A local console user can obtain root. Tested under RedHat Linux (6.2 / 6.1 / 6.0 / 6.0 / 5.2 / 5.1) and Debian Linux (2.2 / 2.1 / 2.0).
fdc7878064ad331939f1b74e447a8ba7472f14e883ff96a2f93eaecb0a3154f5