trousers is vulnerable to denial of service. The vulnerability exists when daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks which allows the tss user to create or corrupt existing files, which could possibly lead to a DoS attack.
www.openwall.com/lists/oss-security/2020/08/14/1
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/
access.redhat.com/errata/RHSA-2021:1627
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1870052
bugzilla.suse.com/show_bug.cgi?id=1164472
lists.fedoraproject.org/archives/list/[email protected]/message/SSDL7COIFCZQMUBNAASNMKMX7W5JUHRD/
seclists.org/oss-sec/2020/q2/att-135/tcsd_fixes.patch
sourceforge.net/p/trousers/mailman/message/37015817/
www.openwall.com/lists/oss-security/2020/08/14/1