CVE-2026-25701

Insecure Temporary File Handling in openSUSE sdbootutil Enables Local Privilege Escalation

Description

An Insecure Temporary File vulnerability in openSUSE sdbootutil allows local users to pre-create a directory to achieve various effects like: * gain access to possible private information found in /var/lib/pcrlock.d * manipulate the data backed up in /tmp/pcrlock.d.bak, therefore violating the integrity of the data should it be restored. * overwrite protected system files with data from /var/lib/pcrlock.d by placing symlinks to existing files in the directory tree in /tmp/pcrlock.d.bak. This issue affects sdbootutil: from ? before 5880246d3a02642dc68f5c8cb474bf63cdb56bca.

INFO

Published Date :

2026-02-25T10:59:58.372Z

Last Modified :

2026-02-25T20:50:09.650Z

Source :

suse

AFFECTED PRODUCTS

The following products are affected by CVE-2026-25701 vulnerability.

Vendors	Products
Opensuse	Sdbootutil

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-25701.

URL	Resource
https://bugzilla.suse.com/show_bug.cgi?id=1258241

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability