Karloie

**Name of the Vulnerable Software and Affected Versions** Ubuntu version 5.10 **Description** The issue concerns the Ubuntu 5.10 installer, which fails to properly clear passwords from the installer log file, specifically questions.dat. This file is left with world-readable permissions, allowing local users to potentially gain privileges. **Recommendations** For Ubuntu version 5.10, consider restricting access to the questions.dat log file to prevent unauthorized users from reading its contents. As a temporary workaround, manually remove or secure the questions.dat file after installation to minimize the risk of exploitation.