CVE-2017-18226

Name of the Vulnerable Software and Affected Versions: jabberd2 versions prior to 2.6.1

Description: The issue allows local users to potentially kill arbitrary processes by modifying PID files. This is possible because the ownership of /var/run/jabber is set to the jabber account, which can be leveraged to modify PID files before a root script executes a command to kill processes based on the contents of these files.

Recommendations: For versions prior to 2.6.1, consider restricting access to the /var/run/jabber directory to prevent unauthorized modification of PID files until a fix is available. As a temporary workaround, ensure that only trusted users have access to the jabber account to minimize the risk of exploitation.