PT-2023-8876 · Unknown+9 · Openpmix Pmix+9

Francois Diakhate

Publicado

2023-09-09

Atualizado

2024-08-20

CVE-2023-41915

CVSS v3.1

8.1

Alta

Vetor

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions OpenPMIx PMIx versions 4.2.6 and earlier, 5.0.x before 5.0.1

Description The issue is related to a race condition during the execution of library code with UID 0, allowing attackers to obtain ownership of arbitrary files. This can potentially lead to unauthorized access to confidential data.

Recommendations For OpenPMIx PMIx versions 4.2.6 and earlier, update to version 4.2.6 or later. For OpenPMIx PMIx 5.0.x before 5.0.1, update to version 5.0.1 or later.

Correção

Race Condition

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362

Identificadores relacionados

ALSA-2024:2199

ALSA-2024:3008

AZL-29702

BDU:2024-02538

CESA-2024_3008

CVE-2023-41915

DLA-3643-1

DSA-5547-1

INFSA-2024_2199

INFSA-2024_3008

MGASA-2024-0162

OESA-2023-1676

OPENSUSE-SU-2023_3859-1

OPENSUSE-SU-2024:13223-1

RHSA-2024:2199

RHSA-2024:3008

RHSA-2024_2199

RHSA-2024_3008

RLSA-2024:3008

SUSE-SU-2023:3859-1

SUSE-SU-2023_3859-1

USN-6434-1

Produtos afetados

Almalinux

Astra Linux

Centos

Linuxmint

Openpmix Pmix

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2023-8876 · Unknown+9 · Openpmix Pmix+9

CVE-2023-41915

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 61