libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: microfocus
Published: 2016-09-26T15:00:00
Updated: 2021-01-06T16:15:49
Reserved: 2016-06-23T00:00:00
Link: CVE-2016-5746
JSON object: View
NVD Information
Status : Modified
Published: 2016-09-26T15:59:00.140
Modified: 2023-11-07T02:33:45.440
Link: CVE-2016-5746
JSON object: View
Redhat Information
No data.
CWE