Description
The sos package contains a set of tools that gather information from system
hardware, logs and configuration files. The information can then be used
for diagnostic purposes and debugging.
An insecure temporary file use flaw was found in the way sos created
certain sosreport files. A local attacker could possibly use this flaw
to perform a symbolic link attack to reveal the contents of sosreport
files, or in some cases modify arbitrary files and escalate their
privileges on the system. (CVE-2015-7529)