Gentoo Linux Security Advisory 201006-10 – multipath-tools does not set correct permissions on the socket file, making it possible to send arbitrary commands to the multipath daemon for local users. multipath-tools uses world-writable permissions for the socket file (/var/run/multipathd.sock). Versions less than 0.4.8-r1 are affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/90225/glsa-201006-10.txt
Source: https://packetstormsecurity.com/files/90225/Gentoo-Linux-Security-Advisory-201006-10.html