Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD, and possibly other versions, allows local users to execute arbitrary code via a long command line argument, possibly involving the device name.
https://www.exploit-db.com/exploits/3578
https://exchange.xforce.ibmcloud.com/vulnerabilities/33212