CVE-2017-18078

Name of the Vulnerable Software and Affected Versions: systemd versions prior to 237

Description: The issue is related to incorrect link resolution before file access in the systemd-tmpfiles daemon, allowing an attacker to bypass existing access restrictions and potentially disclose protected information. This can occur when the fs.protected hardlinks setting is disabled by an administrator and an attacker creates hard links to sensitive files. Local users can exploit this to change ownership or permissions of files they normally cannot access, such as the /etc/passwd file.

Recommendations: For versions prior to 237, update to version 237 or later to resolve the issue. As a temporary workaround, consider enabling the fs.protected hardlinks sysctl to prevent the creation of hard links to sensitive files.