CVE 2017-8934

PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (application unavailability).

Related bugs and status

CVE-2017-8934 (Candidate) is related to these bugs:

Bug #1708542: Fix potential access violation, use runtime user dir instead of tmp dir

		In	Importance	Status
1708542	Fix potential access violation, use runtime user dir instead of tmp dir	pcmanfm (Ubuntu)	Undecided	Fix Released
1708542	Fix potential access violation, use runtime user dir instead of tmp dir	pcmanfm (Ubuntu Zesty)	Undecided	Fix Released
1708542	Fix potential access violation, use runtime user dir instead of tmp dir	pcmanfm (Ubuntu Xenial)	Undecided	Fix Released
1708542	Fix potential access violation, use runtime user dir instead of tmp dir	pcmanfm (Ubuntu Trusty)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.