It's at LWN.net: "Sebastian Krahmer found a problem in the modprobe utility that could be
exploited by local users to run arbitrary commands as root if the
machine is running a kernel with kmod enabled.
The kmod kernel feature allows the kernel to dynamically load kernel
modules if functionality is required that is not present in the running