Description
csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories.
Published: 2026-05-13
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

csync2, when compiled using the C99 or later standard, creates temporary directories in an insecure manner. The use of these directories permits a time‑of‑check to time‑of‑use race condition, allowing an attacker who can influence the path or contents of the temporary directory to replace or manipulate files before they are accessed by csync2. This flaw could lead to arbitrary file overwrite or substitution, potentially compromising data integrity or allowing privilege escalation if the modified files are processed with elevated permissions. The flaw is documented as a moderate‑severity issue with a CVSS score of 5.1 and is not currently listed in the CISA KEV catalog.

Affected Systems

SUSE openSUSE Tumbleweed users who compile or run csync2 with the C99 or later standard are affected. The vulnerability originates from the csync2 component installed on these systems; no specific version information is provided in the advisory.

Risk and Exploitability

The CVSS score indicates moderate risk, and the absence of an EPSS score means that no exploitation probability has been quantified. The flaw is not recorded in KEV, suggesting that there are no widely reported exploit cases at this time. However, the TOCTOU nature of the weakness means that a local attacker with the ability to influence the temporary directory could exploit it without network exposure. The lack of a publicly available patch or workaround implies that mitigations rely on configuration changes or future updates.

Generated by OpenCVE AI on May 13, 2026 at 10:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any available csync2 patch or upgrade to the latest stable release.
  • Recompile csync2 with default or secure temporary directory settings, avoiding the C99 or later compilation flags that expose the vulnerability.
  • Configure the system so that the temporary directories used by csync2 are owned by a non‑privileged user and have restrictive permissions to reduce the impact of a TOCTOU attack.

Generated by OpenCVE AI on May 13, 2026 at 10:20 UTC.

Advisories

No advisories yet.

History

Wed, 13 May 2026 20:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 13 May 2026 10:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Suse; Suse opensuse Tumbleweed
Weaknesses | | CWE-367
Vendors & Products | | Suse; Suse opensuse Tumbleweed

Wed, 13 May 2026 09:15:00 +0000

Type | Values Removed | Values Added
Description | | csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories.
Title | | csync2 uses insecure temporary directories when compiled with C99 or later
References | |
Metrics | | cvssV3_1: {'score': 5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H'}; cvssV4_0: {'score': 5.1, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: suse

Published:

Updated: 2026-05-13T19:24:11.916Z

Reserved: 2026-04-16T13:37:50.680Z

Link: CVE-2026-41051

Vulnrichment

Updated: 2026-05-13T19:24:08.537Z

NVD

Status: Awaiting Analysis

Published: 2026-05-13T13:01:53.787

Modified: 2026-05-13T20:16:21.487

Link: CVE-2026-41051

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-13T10:30:16Z

Weaknesses