rpm package
suse/yast2-storage&distro=SUSE Linux Enterprise Software Development Kit 11 SP4
pkg:rpm/suse/yast2-storage&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-5746 | Med | 5.1 | < 2.17.161-5.1 | 2.17.161-5.1 | Sep 26, 2016 | libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf. |
- affected < 2.17.161-5.1fixed 2.17.161-5.1
libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf.