CVE-2012-4453
N/A
N/A
Summary
dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://rhn.redhat.com/errata/RHSA-2013-1674.html
- https://bugzilla.redhat.com/show_bug.cgi?id=859448
- http://www.securityfocus.com/bid/55713
- http://www.openwall.com/lists/oss-security/2012/09/27/4
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79258
- http://git.kernel.org/?p=boot/dracut/dracut.git%3Ba=commit%3Bh=e1b48995c26c4f06d1a71
- http://www.openwall.com/lists/oss-security/2012/09/27/6
- http://www.openwall.com/lists/oss-security/2012/09/27/3
References
- http://rhn.redhat.com/errata/RHSA-2013-1674.html
- https://bugzilla.redhat.com/show_bug.cgi?id=859448
- http://www.securityfocus.com/bid/55713
- http://www.openwall.com/lists/oss-security/2012/09/27/4
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79258
- http://git.kernel.org/?p=boot/dracut/dracut.git%3Ba=commit%3Bh=e1b48995c26c4f06d1a71
- http://www.openwall.com/lists/oss-security/2012/09/27/6
- http://www.openwall.com/lists/oss-security/2012/09/27/3
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.