Description
The sos package contains a set of utilities that gather information from
system hardware, logs, and configuration files. The information can then be
used for diagnostic purposes and debugging.
An insecure temporary file use flaw was found in the way sos created
certain sosreport files. A local attacker could possibly use this flaw to
perform a symbolic link attack to reveal the contents of sosreport files,
or in some cases modify arbitrary files and escalate their privileges on
the system. (CVE-2015-7529)