It was found that logrotate utility used incorrect flags for truncation of the original log file in place after creating a copy (copytruncate mode). A local attacker could use this flaw to truncate arbitrary system file (if the logrotate utility was run under privileged user account, root) by performing symlink or hardlink attacks.