rpm package
suse/libstorage&distro=SUSE Linux Enterprise Server 12 SP1
pkg:rpm/suse/libstorage&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-5746 | Med | 5.1 | < 2.25.35.1-3.1 | 2.25.35.1-3.1 | Sep 26, 2016 | libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf. |
- affected < 2.25.35.1-3.1fixed 2.25.35.1-3.1
libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf.