The rm_rf_children function in util.c in the systemd-logind login manager in systemd before 44, when logging out, allows local users to delete arbitrary files via a symlink attack on unspecified files, related to "particular records related with user session."

Related CVEs

CVE-2012-1174

Key Information

GHSA ID

GHSA-mmfm-j35m-wr8v

Published

May 17, 2022 5:26 AM

Last Modified

May 17, 2022 5:26 AM

CVSS Score

2.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 16, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.