CVE-2022-1348 log

Severity Medium
Remote No
Type Denial of service
The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with a default permission mode of 0644, and with an umask of 0022 results in a world-readable file allowing an unprivileged user to lock the state file, stopping any rotation.