The big3d process does not irrevocably minimize group privileges at startup. (CVE-2018-5540)
Impact
There is not a known attack vector, but if the big3d process is compromised, it is possible for it to regain the group privileges it was launched with.