PT-2018-3442 · Suse · Supportutils+1

Vítězslav Čížek · Published 2018-11-29 · Updated 2024-06-15 · CVE-2018-19637

CVSS v3.1: 5.5 Medium
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Supportutils versions prior to 3.1-5.7.1
Description: The issue is related to incorrect handling of file access, allowing local attackers to overwrite files on systems without symlink protection. This can be exploited by an attacker to modify arbitrary files. The vulnerability is associated with the Supportutils package for the SUSE Linux operating system.
Recommendations: For versions prior to 3.1-5.7.1, update to version 3.1-5.7.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the /tmp/supp log file to minimize the risk of exploitation.

Exploit

Fix

Link Following


Weakness Enumeration

Related Identifiers

BDU:2020-01560
CVE-2018-19637
OPENSUSE-SU-2019:0293-1
OPENSUSE-SU-2019_0293-1
OPENSUSE-SU-2019_1351-1
OPENSUSE-SU-2024:11415-1
SUSE-SU-2019:0480-1
SUSE-SU-2019:1122-1
SUSE-SU-2019_0480-1

Affected Products

Supportutils
Suse