PT-2012-5409 · Red Hat · Dracut
Huzaifa Sidhpurwala · Published 2012-10-09 · Updated 2024-06-15
CVE-2012-4453
CVSS v2.0: 2.1 (Low)
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
dracut versions in Red Hat Enterprise Linux 6, Fedora 16 and 17
Description
dracut.sh creates initramfs images with world-readable permissions, which potentially allows local users to obtain sensitive information from those images.
Recommendations
For Red Hat Enterprise Linux 6, consider changing the permissions of initramfs images to prevent world-readable access.
For Fedora 16 and 17, restrict access to the initramfs images until a fix is applied.
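
One way to apply the recommendations above, as an added example that is not code from this advisory or from dracut: a shell function that lists initramfs images readable by other users and, with `--fix`, restricts them to the owner. The function name, the `/boot` default, the `initramfs-*.img` and `initrd-*` name patterns, the 0600 target mode and the use of GNU `stat` are assumptions.

```shell
#!/bin/sh
# Added example: audit a boot directory for initramfs images whose
# permissions let "other" users read them.
# Assumptions: images are named initramfs-<kernel>.img or initrd-* and
# GNU stat (coreutils) is available.

# audit_initramfs DIR [--fix]
#   Prints "<octal mode> <path>" for every world-readable image in DIR.
#   With --fix, sets each reported image to 0600 (owner read/write only).
#   Returns 0 if no world-readable image remains, 1 otherwise.
audit_initramfs() {
    dir=${1:-/boot}
    fix=${2:-}
    remaining=0
    for img in "$dir"/initramfs-*.img "$dir"/initrd-*; do
        # Skip unmatched glob patterns and anything that is not a plain
        # file; symlinks are skipped so chmod never follows one.
        [ -f "$img" ] && [ ! -L "$img" ] || continue
        mode=$(stat -c '%a' "$img") || continue
        # The last octal digit holds the "other" bits; 4 is the read bit.
        other=${mode#"${mode%?}"}
        case $other in
            4|5|6|7) ;;
            *) continue ;;
        esac
        printf '%s %s\n' "$mode" "$img"
        if [ "$fix" = "--fix" ] && chmod 0600 "$img"; then
            continue
        fi
        remaining=1
    done
    return "$remaining"
}

# Usage: audit_initramfs /boot          (report only)
#        audit_initramfs /boot --fix    (report and restrict; needs root)
```

Images regenerated by an unfixed dracut are created world-readable again, so the check is worth rerunning after each kernel update.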
Fix
Incorrect Default Permissions
Weakness Enumeration
Related Identifiers
Affected Products
Red Hat
Dracut