Herbert Poetzl

**Name of the Vulnerable Software and Affected Versions** initscripts versions prior to 8.76.3-1 **Description** The issue allows local users to delete arbitrary files via a symlink attack on a file or directory under /var/lock or /var/run. This is due to a vulnerability in the rc.sysinit script in initscripts. **Recommendations** For initscripts versions prior to 8.76.3-1, update to version 8.76.3-1 or later to resolve the issue. As a temporary workaround, consider restricting access to the /var/lock and /var/run directories to minimize the risk of exploitation.