A vulnerability in the Linux kernel allows a malicious local user to escalate their privileges, kernel version 2.4.23 fixes the problem. Secunia announced the problem on 2nd December, and major Linux distributors, including Debian, Red Hat and Slackware, released an update the same day. The CVE name for the problem is CAN-2003-0961.
The problem is not rated as critical, but administrators should update their installations when convenient.