RedHat Setserial Init Script Predictable Temporary File Vulnerability

Red Hat Linux is a freely available clone of the UNIX Operating System, distributed by Red Hat Incorporated.

A race condition has been discovered in the distribution. Users who have recompiled their kernel with modular serial support enabled and copied the rc.serial script to /etc/rc.d/init.d/serial are vulnerable, because the serial init script creates temporary files insecurely.

This could allow a local user to overwrite system files, causing a denial of service, and potentially result in elevated privileges.
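The following is an added example, not code from Red Hat's rc.serial script: a small audit helper that flags redirections to fixed or PID-based names under /tmp in an init script, next to a hardened way to create the temporary file. The function names and the sample fragment are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not part of any Red Hat script.

# Constructed init-script fragment used as sample input for the audit.
sample_fragment() {
cat <<'EOF'
setserial -g /dev/ttyS0 > /tmp/serial.$$      # PID-based name, guessable
echo started >> "/tmp/serial.state"           # fixed name
out=$(mktemp) && setserial -g /dev/ttyS1 > "$out"
EOF
}

# Print "line:text" for every redirection whose target is a literal path
# under /tmp. Such names are predictable, so a file or symlink planted there
# before the script runs will be followed and written to as root.
audit_tmp_redirects() {
    grep -nE '>>?[[:space:]]*"?/tmp/' "$1"
}

# Number of flagged lines in the given script.
count_tmp_redirects() {
    audit_tmp_redirects "$1" | wc -l | tr -d ' '
}

# Hardened replacement: mktemp picks an unpredictable name and creates the
# file exclusively with mode 0600, so a pre-existing file or symlink makes
# creation fail instead of being reused.
make_private_tmp() {
    ( umask 077; mktemp "${TMPDIR:-/tmp}/serial.XXXXXXXXXX" )
}

# Stand-alone use: sh audit.sh /etc/rc.d/init.d/serial
if [ "$#" -gt 0 ]; then
    audit_tmp_redirects "$1"
fi
```

A script that uses `make_private_tmp` should also remove the file on exit, for example with `trap 'rm -f "$tmp"' EXIT`.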


 

Copyright 2010, SecurityFocus