KDAB Hotspot 1.3.x and 1.4.x through 1.4.1, in a non-default configuration, allows privilege escalation because of race conditions involving symlinks and elevate_perf_privileges.sh chown calls. https://www.openwall.com/lists/oss-security/2023/03/14/8 https://github.com/KDAB/hotspot/releases
Created hotspot tracking bugs for this issue: Affects: fedora-38 [bug 2192209]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.