Jason Stubbs

**Name of the Vulnerable Software and Affected Versions** Portage versions 2.0.51-r2 and earlier **Description** The issue allows local users to overwrite arbitrary files via a symlink attack on temporary files. Multiple vulnerabilities in the Portage package can lead to a breach of protected information integrity, and exploitation can be carried out locally. **Recommendations** For Portage versions 2.0.51-r2 and earlier, consider updating to a version later than 2.0.51-r2 to resolve the issue. As a temporary workaround, consider restricting access to the dispatch-conf function to minimize the risk of exploitation. Avoid using dispatch-conf on untrusted input until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.