
Cloud Vulnerability DB
A community-led vulnerabilities database
SWHKD version 1.1.5 contains a vulnerability (CVE-2022-27816) where the unprivileged server process unsafely uses the /tmp/swhks.pid pathname. This vulnerability was discovered during a security review by the SUSE security team and was reported on March 22, 2022 (OSS Security).
The vulnerability exists in the unprivileged server process (swhks) of SWHKD, which uses a fixed temporary file path (/tmp/swhks.pid) to store its PID. The issue is similar to another vulnerability (CVE-2022-27815) found in the same software (OSS Security).
The vulnerability can lead to two main security issues: 1) Local application denial of service (DoS) - if an attacker places the PID of an existing process (e.g., PID 1) in the file, other users cannot start the server, and 2) Local user file corruption - if kernel symlink protection is disabled, the PID file can be a symlink to a private file in the user's home directory, which will then be overwritten with PID information (OSS Security).
The vulnerability was addressed by upstream through a commit that moves the PID file to the respective user's private /run/user/$UID directory. This fix was implemented in commit 4b8442fef512441c9155186956c767a120c12974 (OSS Security, GitHub Commit).
The vulnerability was found as part of a larger security audit that revealed multiple security issues in SWHKD. The upstream developers implemented fixes quickly, and the fix for this vulnerability was included in the comprehensive security update release, version 1.2.0 (GitHub Release).
Source: This report was generated using AI