Mandriva Linux Security Advisory 2013-096 - The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the checkers.pid, and vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files. A security issue due to syslog being used inside of sighandlers has also been fixed. Finally, keepalived was failing to load the ip_vs kernel module because of an incorrect modprobe option. This has also been corrected.
f3cd472376eebff910246245a399722a96d596a772515aa4360494a1cf49a7a1
Gentoo Linux Security Advisory 201207-7 - Keepalived uses world-writable PID files, allowing a local attacker to kill arbitrary processes. Versions less than 1.2.2-r3 are affected.
f2d5ab163bea57e36eb2e3461b8c01c26c5adf484fffb286998715e8921fface