Linux · Xfs · CVE-2007-3103
Name of the Vulnerable Software and Affected Versions:
xfs versions prior to 1.0.5
xfs (affected versions not specified) on various Linux distributions
Description:
The xfs font server package carries a potential security risk. A local user might exploit it to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file. Multiple vulnerabilities in the xfs package can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.
Recommendations:
For xfs versions prior to 1.0.5, update to version 1.0.5 or later to resolve the issue.
For xfs on various Linux distributions, consider restricting access to the /tmp/.font-unix temporary file to prevent symlink attacks until a patch is available.
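A defender-side audit of the path named above, as an added example that is not part of the advisory or of the xfs project. The function name, its return codes and the default expected owner (uid 0) are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the advisory or the xfs project).
# check_tmp_path [PATH] [EXPECTED_UID]
#   PATH defaults to /tmp/.font-unix, the path named in the advisory.
#   EXPECTED_UID defaults to 0 (assumption: a root-run script manages the path).
# Return codes (chosen for this example):
#   0 ok or absent, 1 PATH is a symlink, 2 parent is writable by all
#   without the sticky bit, 3 PATH is owned by an unexpected uid.
check_tmp_path() {
    p=${1:-/tmp/.font-unix}
    want_uid=${2:-0}
    parent=$(dirname -- "$p")

    # -L inspects the entry itself and does not follow the link.
    if [ -L "$p" ]; then
        echo "FAIL: $p is a symlink to $(readlink -- "$p")"
        return 1
    fi

    # First ten characters of the mode string, e.g. drwxrwxrwt.
    pmode=$(ls -ld -- "$parent" | cut -c1-10)
    case $pmode in
        ????????w[!tT])
            echo "FAIL: $parent ($pmode) is world-writable without the sticky bit"
            return 2 ;;
    esac

    if [ ! -e "$p" ]; then
        echo "OK: $p does not exist"
        return 0
    fi

    # Numeric owner is the third field of ls -ldn.
    uid=$(ls -ldn -- "$p" | awk '{print $3}')
    if [ "$uid" != "$want_uid" ]; then
        echo "FAIL: $p is owned by uid $uid, expected $want_uid"
        return 3
    fi

    echo "OK: $p is not a symlink, owner uid $uid, parent mode $pmode"
    return 0
}
```

Calling `check_tmp_path` with no arguments audits /tmp/.font-unix; the result is a point-in-time observation, so it is best run before the font server service is started or restarted.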