Two separate CVE issues exist both with regards to the creation of .tmp files.
The first is a local users denial of service, where one user starts the application and the file is created and not removed. Subsequent different users cannot start the application as this file exists and cannot be removed.
The second is a symlink attack to possibly delete or overwrite arbitrary files.
cat /etc/fstab
##UNCONFIGURED BASE SYSTEM
ln -s /etc/fstab /tmp/sabre.log
cat /etc/fstab
Not running in a graphics capable console,
and unable to find one.
The upstream provided patch uses mktemp to generate random temporary files.
Two separate CVE issues exist both with regards to the creation of .tmp files.
The first is a local users denial of service, where one user starts the application and the file is created and not removed. Subsequent different users cannot start the application as this file exists and cannot be removed.
The second is a symlink attack to possibly delete or overwrite arbitrary files.
cat /etc/fstab
##UNCONFIGURED BASE SYSTEM
ln -s /etc/fstab /tmp/sabre.log
cat /etc/fstab
Not running in a graphics capable console,
and unable to find one.
The upstream provided patch uses mktemp to generate random temporary files.