
Cloud Vulnerability DB
A community-led vulnerabilities database
A Creation of Temporary File With Insecure Permissions vulnerability was discovered in the hawk2 component of SUSE Linux Enterprise High Availability. The vulnerability, tracked as CVE-2021-25314, was found in three different locations where files were created with unsafe permissions (0666), allowing arbitrary local users to potentially modify critical system configurations (SUSE Bugzilla).
The vulnerability exists in three different files within the hawk2 component: hawk/app/models/report.rb, hawk/app/lib/invoker.rb, and hawk/app/lib/crmscript.rb. In each location, file permissions were set to 0666, making the files world-readable and world-writable. The most severe instance allows arbitrary local users to change the CIB (Cluster Information Base), which could be combined with other issues to inject shell metacharacters ([SUSE Bugzilla](https://bugzilla.suse.com/show_bug.cgi?id=1182166)).
The vulnerability could allow local attackers to modify critical system configurations and potentially escalate privileges to root. The most severe impact is through the crmscript.rb file, which could be exploited as a root privilege escalation vector since crm has powerful system capabilities ([SUSE Bugzilla](https://bugzilla.suse.com/show_bug.cgi?id=1182166)).
The issue was fixed in hawk2 version 2.6.3. SUSE released security updates SUSE-SU-2021:0941-1, SUSE-SU-2021:0942-1, and SUSE-SU-2021:0943-1 to address this vulnerability across different versions of SUSE Linux Enterprise High Availability (SUSE Bugzilla).
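As an added example, not code from the hawk2 project or the advisory: the 0666 pattern the report describes, written in Ruby beside a hardened replacement, plus a small audit check that flags files writable by other local users. File names and the helper function names are assumptions for the demonstration.

```ruby
require "tmpdir"

# Permission bits that grant write access to users other than the owner
# (group-write and other-write).
WORLD_WRITABLE_BITS = 0o022

# Vulnerable pattern (the class of defect in CVE-2021-25314): the file is
# created and then forced to mode 0666, so any local user can rewrite its
# contents before the privileged consumer reads it.
def write_insecure(path, contents)
  File.open(path, "w", 0o666) { |f| f.write(contents) }
  File.chmod(0o666, path) # explicit chmod defeats the process umask
  path
end

# Hardened pattern: owner-only mode, and O_EXCL so an existing file or
# symlink placed at that path by another user is never reused.
def write_secure(path, contents)
  flags = File::WRONLY | File::CREAT | File::EXCL
  File.open(path, flags, 0o600) { |f| f.write(contents) }
  path
end

# True when the permission bits grant write access to group or others.
def world_writable?(path)
  mode = File.stat(path).mode & 0o777
  (mode & WORLD_WRITABLE_BITS) != 0
end

# Audit helper: regular files under dir that are group- or world-writable.
def find_loose_files(dir)
  Dir.glob(File.join(dir, "**", "*"))
     .select { |p| File.file?(p) && world_writable?(p) }
     .sort
end

if __FILE__ == $0
  # Constructed sample: one file written each way in a scratch directory.
  Dir.mktmpdir do |dir|
    write_insecure(File.join(dir, "report.txt"), "insecure")
    write_secure(File.join(dir, "script.txt"), "secure")
    puts find_loose_files(dir).inspect # lists only report.txt
  end
end
```

Running the audit helper against a service's state or temp directory is a quick way to confirm a fix like hawk2 2.6.3 actually left no world-writable files behind.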
Source: This report was generated using AI