It was reported that wine uses /tmp/.wine-$UID as a directory for sockets and lock files. Malicious local user could create /tmp/.wine-$UID for another user's uid, preventing the other user from using wine. Moreover, the server_connect() function doesn't check if /tmp/.wine-$UID or its subdirectories are symlinks, so in some circumstances it might be possible to trick wine to connect to an unrelated socket.
Debian bug report:
Created wine tracking bugs for this issue:
Affects: fedora-all [bug 1312959]
Affects: epel-all [bug 1312960]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.