Fabian Vogt discovered a flaw in sddm, a modern display manager for X11. A local attacker can take advantage of a race condition when creating the Xauthority file to escalate privileges.