CVE-2024-55566 Information

Description

ColPack 1.0.10 through 9a7293a has a predictable temporary file (located under /tmp with a name derived from an unseeded RNG). The impact can be overwriting files or making ColPack graphing unavailable to other users.

Reference

https://bugzilla.suse.com/show_bug.cgi?id=1225617 https://cwe.mitre.org/data/definitions/335.html https://github.com/CSCsw/ColPack/blob/9a7293a8dfd66a60434496b8df5ebb4274d70339/src/Utilities/extra.cpp#L184-L190