Leif Nixon

**Name of the Vulnerable Software and Affected Versions** libsdp versions 1.1.104 and earlier **Description** The default configuration of libsdp.conf in libsdp creates log files in /tmp, which allows local users to overwrite arbitrary files via a (1) symlink or (2) hard link attack on the libsdp.log temporary file. **Recommendations** For versions 1.1.104 and earlier, consider changing the default log file location from /tmp to a more secure directory to prevent local users from overwriting arbitrary files. As a temporary workaround, restrict access to the /tmp directory to minimize the risk of exploitation.