CVE-2021-44512: 
Linux Debian vulnerability analysis and mitigation

World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 were identified as a security vulnerability (CVE-2021-44512). The vulnerability was discovered and disclosed in December 2021, affecting the tmate terminal sharing software's server component. This security issue impacts systems running tmate-ssh-server version 2.3.0 and earlier (NVD, OSS Security).

The vulnerability stems from incorrect permission assignments on the /tmp/tmate/sessions directory, which was configured with world-writable permissions. The CVSS v3.1 base score is 7.0 (HIGH) with the vector string CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H. The vulnerability is classified under CWE-732 (Incorrect Permission Assignment for Critical Resource). The issue specifically relates to the directory permissions being set to world-writable, allowing unauthorized access to session handling mechanisms (NVD).

The vulnerability allows local attackers to compromise the integrity of session handling or obtain read-write session IDs from read-only session symlinks in the affected directory. This could potentially lead to unauthorized access to terminal sessions and compromise of session security (NVD, OSS Security).

The vulnerability was addressed in upstream commit 1c020d1f, which hardened the /tmp/tmate directory permissions. The fix involves changing the directory permissions from world-writable (0703) to more restrictive permissions (0700) and implementing proper ownership checks for the directories (GitHub Patch).