CVE-2023-23558 Information

Description

In Eternal Terminal 6.2.1 TelemetryService uses fixed paths in /tmp. For example a local attacker can create /tmp/.sentry-native-etserver with mode 0777 before the etserver process is started. The attacker can choose to read sensitive information from that file or modify the information in that file.

Reference

https://bugzilla.suse.com/show_bug.cgi?id=1207126 https://github.com/MisterTea/EternalTerminal http://www.openwall.com/lists/oss-security/2023/02/16/1