A bug in the kernel module loader code could allow a local user to gain root privileges. This can be done by a local user using ptrace and attaching to a modprobe process that is spawned if the user triggers the loading of a kernel module.
An update is available to patch this vulnerability. All users are advised to upgrade. Note the Mandrake Linux 9.1 kernel already has this patch, and an updated kernel for Mandrake Linux 8.2 will be available later.
For the update, see http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:038.