CVE-2022-27815
Rust vulnerability analysis and mitigation

Overview

SWHKD version 1.1.5 contains a security vulnerability (CVE-2022-27815): the daemon, which runs as root, unsafely uses the fixed pathname /tmp/swhkd.pid to record its own PID for instance monitoring. The vulnerability was discovered on March 22, 2022, and was publicly disclosed on April 14, 2022. The affected software is SWHKD, a hotkey helper for the Wayland graphics system written in Rust (OSS Security).

Technical details

The vulnerability stems from the daemon's use of a fixed path (/tmp/swhkd.pid) to record its PID for instance monitoring. Because /tmp is world-writable, any local user can create that file, or a symlink at that path, before the root daemon starts, so this implementation creates several security issues. The daemon logs the full content of the PID file to stdout, which can lead to information disclosure if the kernel's symlink protection is turned off. For example, if a symlink points to a private root-owned file containing sensitive information, the content would be logged (OSS Security).

Impact

The vulnerability has multiple potential impacts (OSS Security):

1) Local application DoS: an attacker can place the PID of an existing process in the file to prevent other users from starting the daemon.
2) Information leak if kernel symlink protection is disabled: the daemon logs the full content of the PID file, potentially exposing sensitive information.
3) System DoS: the daemon will overwrite the target file with its own PID, potentially creating world-readable files in sensitive locations.
4) Functional issues: the setup is not suitable for multiple users using the software in parallel.

Mitigation and workarounds

The issue has been fixed in version 1.2.0 by moving the PID file to the /etc/swhkd/runtime directory. The fix creates a proper directory structure with appropriate permissions (root:root ownership and 700 permissions). The patch implements a more secure approach by using a user-specific PID file path format: /etc/swhkd/runtime/swhkd_{uid}.pid (GitHub Commit, GitHub Release).
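As an added example (not code from SWHKD or its 1.2.0 commit), here is how the fixed layout described above, a root-owned 0700 runtime directory with a per-uid file name, can be implemented in Rust together with two checks that address the planted-file and information-leak cases from the technical details section: a symlink at the PID path is refused rather than followed, and the file's contents are parsed as a PID instead of being logged. The base directory argument, the 0600 file mode and the temp-dir demo path are assumptions.

```rust
// Added example, not code from the SWHKD project: PID-file handling shaped like the
// 1.2.0 fix (root-owned 0700 runtime dir, one file per uid) plus symlink and parse checks.
use std::fs::{self, OpenOptions};
use std::io::{self, Write};
use std::os::unix::fs::{OpenOptionsExt, PermissionsExt};
use std::path::{Path, PathBuf};

/// Ensure the runtime directory exists with mode 0700 and return the per-user path,
/// e.g. /etc/swhkd/runtime/swhkd_1000.pid. Run as root, the directory is root-owned,
/// so an unprivileged user can no longer pre-create or replace the file (the 1.1.5 bug).
pub fn pid_file_path(base: &Path, uid: u32) -> io::Result<PathBuf> {
    fs::create_dir_all(base)?;
    fs::set_permissions(base, fs::Permissions::from_mode(0o700))?;
    Ok(base.join(format!("swhkd_{uid}.pid")))
}

/// Read the PID recorded at `path`. Returns Ok(None) when the file is absent or does
/// not hold a plain decimal PID. The raw bytes are never returned or logged, so even a
/// planted file cannot leak its contents through the daemon's output.
pub fn read_pid(path: &Path) -> io::Result<Option<u32>> {
    match fs::symlink_metadata(path) {
        // A symlink here is never legitimate: refuse instead of following it.
        Ok(meta) if meta.file_type().is_symlink() => {
            return Err(io::Error::new(io::ErrorKind::InvalidData, "pid file is a symlink"))
        }
        Err(e) if e.kind() == io::ErrorKind::NotFound => return Ok(None),
        Err(e) => return Err(e),
        Ok(_) => {}
    }
    let bytes = fs::read(path)?;
    Ok(std::str::from_utf8(&bytes).ok().and_then(|s| s.trim().parse::<u32>().ok()))
}

/// Record our own PID at `path`, creating the file with mode 0600 so it is not
/// world-readable even if the directory permissions are later loosened.
pub fn write_pid(path: &Path, pid: u32) -> io::Result<()> {
    let mut f = OpenOptions::new()
        .write(true).create(true).truncate(true).mode(0o600).open(path)?;
    writeln!(f, "{pid}")
}

fn main() -> io::Result<()> {
    // Stand-alone demo under the temp dir; a real deployment would use /etc/swhkd/runtime.
    let path = pid_file_path(&std::env::temp_dir().join("swhkd-example-runtime"), 1000)?;
    println!("previous instance: {:?}", read_pid(&path)?);
    write_pid(&path, std::process::id())?;
    println!("recorded pid in {}", path.display());
    Ok(())
}
```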

This report was generated using AI.

Related Rust vulnerabilities:

CVE ID              | Severity | Score | Technologies | Component name        | CISA KEV exploit | Has fix | Published date
CVE-2025-66627      | HIGH     | 8.4   | Rust         | wasmi                 | No               | Yes     | Dec 09, 2025
GHSA-xrv8-2pf5-f3q7 | MEDIUM   | 6     | Rust         | nitro-tpm-pcr-compute | No               | Yes     | Dec 05, 2025
CVE-2025-67487      | MEDIUM   | 5.5   | Rust         | static-web-server     | No               | Yes     | Dec 09, 2025
CVE-2025-66622      | LOW      | 1.3   | Rust         | matrix-sdk-base       | No               | Yes     | Dec 09, 2025
RUSTSEC-2025-0135   | N/A      | N/A   | Rust         | matrix-sdk-base       | No               | Yes     | Dec 08, 2025
