Amazon ALAS-2013-257
Dec 11, 2013 - 8:33 p.m.

Medium: dracut

2013-12-11 20:33:00
alas.aws.amazon.com
CVSS2: 2.1

Attack Vector: LOCAL
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

EPSS: 0
Percentile: 5.1%

Issue Overview:

It was discovered that dracut created initramfs images as world readable. A local user could possibly use this flaw to obtain sensitive information from these files, such as iSCSI authentication passwords, encrypted root file system crypttab passwords, or other information. (CVE-2012-4453)

Affected Packages:

dracut

Issue Correction:
Run yum update dracut to update your system.
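
The following check is an added example, not part of the original advisory: it lists initramfs images whose file mode still grants read access to "other", the condition described in the Issue Overview, so images already on disk can be verified. The /boot location, the initramfs-*.img and initrd-*.img name patterns, and the function names are assumptions.

```shell
#!/bin/sh
# Added example: audit initramfs images for the world-readable mode
# described in CVE-2012-4453.
# Assumption: images sit directly in /boot and are named
# initramfs-*.img or initrd-*.img.

# Print "MODE OWNER PATH" for each image in DIR readable by "other".
list_world_readable_initramfs() {
    dir=${1:-/boot}
    find "$dir" -maxdepth 1 -type f \
        \( -name 'initramfs-*.img' -o -name 'initrd-*.img' \) \
        -perm -004 -exec ls -l {} \; 2>/dev/null |
        awk '{print $1, $3, $NF}'
}

# Return 0 when no image is world readable, 1 otherwise (report on stderr).
audit_initramfs() {
    dir=${1:-/boot}
    found=$(list_world_readable_initramfs "$dir")
    if [ -n "$found" ]; then
        printf 'world-readable initramfs images in %s:\n%s\n' \
            "$dir" "$found" >&2
        return 1
    fi
    return 0
}

# Run the audit only when a directory is given, e.g.: sh audit.sh /boot
if [ "$#" -gt 0 ]; then
    audit_initramfs "$1"
fi
```

The non-zero exit status makes the script usable as a compliance check in cron or configuration management.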

New Packages:

noarch:  
    dracut-tools-004-336.21.amzn1.noarch  
    dracut-004-336.21.amzn1.noarch  
    dracut-caps-004-336.21.amzn1.noarch  
    dracut-kernel-004-336.21.amzn1.noarch  
    dracut-fips-004-336.21.amzn1.noarch  
    dracut-generic-004-336.21.amzn1.noarch  
    dracut-fips-aesni-004-336.21.amzn1.noarch  
    dracut-network-004-336.21.amzn1.noarch  
  
src:  
    dracut-004-336.21.amzn1.src  

Additional References

Red Hat: CVE-2012-4453

Mitre: CVE-2012-4453