cdrecord is vulnerable to a local root exploit via the RSH environment variable if it is suid root.
This is correct, however we do not install cdrecord suid for just this reason. I'm removing the security severity since this is technically a bug, but not a security related issue in a default install.