Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
libstorage、libstorage-ng和yast-storage 安全漏洞
Vulnerability Description
libstorage是一个用于管理Linux存储设备的C++库。libstorage-ng是一套用于评估boost图片库使用情况的工具。yast-storage是一个用于libstorage后台的存储库。 libstorage、libstorage-ng和yast-storage中存在安全漏洞,该漏洞源于磁盘上的临时文件中的加密存储设备,没有正确存储密码口令句。本地攻击者可通过读取文件利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A