Medium severity5.1NVD Advisory· Published Sep 26, 2016· Updated Jun 17, 2026
CVE-2016-5746
CVE-2016-5746
Description
libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11- osv-coords9 versionspkg:rpm/suse/libstorage&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/libstorage&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/libstorage&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/libstorage&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/libstorage&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/libstorage&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/yast2-storage&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/yast2-storage&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/yast2-storage&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4
< 2.25.35.1-3.1+ 8 more
- (no CPE)range: < 2.25.35.1-3.1
- (no CPE)range: < 2.25.35.1-3.1
- (no CPE)range: < 2.25.16.1-3.1
- (no CPE)range: < 2.25.16.1-3.1
- (no CPE)range: < 2.25.35.1-3.1
- (no CPE)range: < 2.25.35.1-3.1
- (no CPE)range: < 2.17.161-5.1
- (no CPE)range: < 2.17.161-5.1
- (no CPE)range: < 2.17.161-5.1
Patches
Vulnerability mechanics
References
10- lists.opensuse.org/opensuse-updates/2016-09/msg00032.htmlnvd
- www.securityfocus.com/bid/93169nvd
- bugzilla.suse.com/show_bug.cginvd
- github.com/openSUSE/libstorage-ng/pull/123nvd
- github.com/openSUSE/libstorage/pull/162nvd
- github.com/openSUSE/libstorage/pull/163nvd
- github.com/yast/yast-storage/pull/223nvd
- github.com/yast/yast-storage/pull/224nvd
- github.com/yast/yast-storage/pull/226nvd
- github.com/yast/yast-storage/pull/227nvd
News mentions
0No linked articles in our index yet.