unixsocket.c in lxterminal through insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control). References: https://unix.stackexchange.com/questions/333539/lxterminal-in-the-netstat-output/333578 Upstream patch: https://git.lxde.org/gitweb/?p=lxde/lxterminal.git;a=commit;h=f99163c6ff8b2f57c5f37b1ce5d62cf7450d4648
Created lxterminal tracking bugs for this issue: Affects: fedora-all [bug 1449114]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.