Debian Linux Security Advisory 3823-1 - Ilja Van Sprundel discovered that the dmcrypt-get-device helper used to check if a given device is an encrypted device handled by devmapper, and used in eject, does not check return values from setuid() and setgid() when dropping privileges.
11ed3d35497fce0aa8208e337d18906978385a140e9058214a8d178bb172d613
Ubuntu Security Notice 3246-1 - Ilja Van Sprundel discovered that dmcrypt-get-device incorrectly checked setuid and setgid return values. A local attacker could use this issue to execute code as an administrator.
38e9d099be590b4e07920777892cc4dab780f5d5f29c49ed15af521f8533e6dc