KDAB Hotspot 1.3.x and 1.4.x through 1.4.1, in a non-default configuration, allows privilege escalation because of race conditions involving symlinks and elevate_perf_privileges.sh chown calls.Referenceshttps://github.com/KDAB/hotspot/releaseshttps://www.openwall.com/lists/oss-security/2023/03/14/8