{"id":"CVE-2012-5638","details":"The setup_logging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restrictions via standard filesystem write operations.","modified":"2026-04-10T03:42:32.646464Z","published":"2012-12-20T12:02:18Z","references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2013-0691.html"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=887010"}],"schema_version":"1.7.5"}