Untrusted search path vulnerability in Truecrypt 4.1, when running suid root on Linux, allows local users to execute arbitrary commands and gain privileges via a modified PATH environment variable that references a malicious mount command.