Gentoo Linux Security Advisory GLSA 200907-13 – A vulnerability in PulseAudio may allow a local user to execute code with escalated privileges. Tavis Ormandy and Julien Tinnes of the Google Security Team discovered that the pulseaudio binary is installed setuid root, and does not drop privileges before re-executing itself. The vulnerability has independently been reported to oCERT by Yorick Koster. Versions less than 0.9.9-r54 are affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/79321/glsa-200907-13.txt
Source: https://packetstormsecurity.com/files/79321/Gentoo-Linux-Security-Advisory-200907-13.html