CVE-2017-8934
PCManFM 1.2.5 insecurely uses /tmp for a socket file, enabling a local attacker to cause a denial of service (application unavailability). Multiple connected advisories confirm the issue and provide remediation: upgrade to pcmanfm 1.2.5-2 (or later) where the upstream fix was applied; Arch Linux ...