When lsof is setuid-root or setgid kmem, it is vulnerable
to a buffer overflow that could lead to direct root compromise or root
compromise through live kernel patching.
This SecurityFocus archive posting
from hert.org emphasizes that lsof should not be setuid-root or setgid.
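
A check for the condition described above, as an added example that is not part of the original page or the hert.org posting: it reports any lsof binary that still carries the setuid or setgid bit. The candidate paths and the function names `audit_binary` and `audit_lsof` are assumptions of this example.

```sh
#!/bin/sh
# Added example (not from the advisory): report lsof binaries that still carry
# the setuid or setgid bit. The candidate paths below are assumptions.

# audit_binary PATH -> 0 if clean, 1 if setuid/setgid is set, 2 if not a regular file
audit_binary() {
    f=$1
    if [ ! -f "$f" ]; then
        echo "SKIP    $f (not a regular file)"
        return 2
    fi
    # ls -n prints numeric ids; -L follows symlinks, matching [ -u ] and [ -g ]
    ids=$(ls -lnL -- "$f" | awk 'NR == 1 { print $3 ":" $4 }')
    uid=${ids%%:*}
    gid=${ids##*:}
    rc=0
    if [ -u "$f" ]; then
        if [ "$uid" = 0 ]; then
            echo "SETUID  $f (setuid-root)"
        else
            echo "SETUID  $f (owner uid $uid)"
        fi
        rc=1
    fi
    if [ -g "$f" ]; then
        echo "SETGID  $f (group gid $gid)"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK      $f (no setuid/setgid bit)"
    fi
    return "$rc"
}

# audit_lsof -> 1 if any lsof found on PATH or in the assumed locations is flagged
audit_lsof() {
    flagged=0
    seen=" "
    for p in $(command -v lsof 2>/dev/null) /usr/bin/lsof /usr/sbin/lsof \
             /usr/local/bin/lsof /usr/local/sbin/lsof; do
        case "$seen" in *" $p "*) continue ;; esac
        seen="$seen$p "
        [ -f "$p" ] || continue
        if ! audit_binary "$p"; then flagged=1; fi
    done
    return "$flagged"
}

audit_lsof || echo "Clear the bits with: chmod u-s,g-s <path>"
```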