KDM -- local privilege escalation vulnerability

KDE Security Advisory reports:

KDM contains a race condition that allows local attackers
to make arbitrary files on the system world-writeable.
This can happen while KDM tries to create its control
socket during user login. A local attacker with a valid
local account can under certain circumstances make use of
this vulnerability to execute arbitrary code as root.