umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program.