View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-5746 severity moderate: SUSE including 22 source package names (libstorage, libstorage-devel-2.25.35.1-3.1, …), 48 product×package rows across 20 product lines (SUSE Linux Enterprise Desktop 12, SUSE Linux Enterprise Desktop 12 SP1, … (20 product lines)): Known Not Affected 28, Fixed 20.
libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf.