PT-2022-2284 · Swhkd · Swhkd

Mgerstner · Published 2022-03-29 · Updated 2022-10-27 · CVE-2022-27816

CVSS v2.0: 9.4 High
Vector: AV:N/AC:L/Au:N/C:N/I:C/A:C

Name of the Vulnerable Software and Affected Versions: SWHKD version 1.1.5

Description: The issue is related to the unsafe use of the /tmp/swhks.pid pathname, which can lead to data loss or a denial of service. An attacker could exploit this to impact data integrity or cause a service disruption. The vulnerability is associated with the possibility of saving the process ID to the /tmp/swhks.pid file and inserting the ID of an existing process.

Recommendations: For SWHKD version 1.1.5, consider updating to a version where the issue is fixed, as a patch is available on the 1.1.0 branch of the repository. As a temporary workaround, consider restricting access to the /tmp/swhks.pid file to minimize the risk of exploitation.

Exploit

Fix

Weakness Enumeration: Link Following

Related Identifiers: BDU:2022-02459, CVE-2022-27816, GHSA-8M49-2XJ8-67V9

Affected Products: Swhkd