Lucene search
MitreCVELIST:CVE-2024-23301HistoryJan 12, 2024 - 12:00 a.m.
CVE-2024-23301
2024-01-1200:00:00
mitre
www.cve.org
2
relax-and-recover
vulnerability
grub_rescue
local attackers
system secrets.
Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root.
References
github.com/rear/rear/issues/3122
github.com/rear/rear/pull/3123
lists.debian.org/debian-lts-announce/2024/02/msg00003.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7JIN57LUPBI2GDJOK3PYXNHJTZT3AQTZ/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHKMPXJNXEJJE6EVYE5HM7EKEJFQMBN7/
Related
nessus
nessus
Amazon Linux 2 : rear (ALAS-2024-2451)
2024-02-06 00:00:00
SUSE SLES15 Security Update : rear27a (SUSE-SU-2024:0253-1)
2024-01-27 00:00:00
SUSE SLES12 Security Update : rear1172a (SUSE-SU-2024:0292-1)
2024-02-01 00:00:00
almalinux
almalinux
Moderate: rear security update
2024-04-09 00:00:00
Moderate: rear security update
2024-03-05 00:00:00
nvd
nvd
CVE-2024-23301
2024-01-12 23:15:10
cve
cve
CVE-2024-23301
2024-01-12 23:15:10
osv
osv
rear - security update
2024-02-03 00:00:00
Moderate: rear security update
2024-04-09 00:00:00
Moderate: rear security update
2024-05-06 13:04:21
oraclelinux
oraclelinux
rear security update
2024-04-09 00:00:00
rear security update
2024-03-06 00:00:00
openvas
openvas
Fedora: Security Advisory for rear (FEDORA-2024-49ddbf447d)
2024-02-22 00:00:00
Mageia: Security Advisory (MGASA-2024-0131)
2024-04-15 00:00:00
Fedora: Security Advisory for rear (FEDORA-2024-a2f6e5ddb8)
2024-02-21 00:00:00
redos
redos
ROS-20240328-09
2024-03-28 00:00:00
redhatcve
redhatcve
CVE-2024-23301
2024-01-15 05:30:37
redhat
redhat
(RHSA-2024:1147) Moderate: rear security update
2024-03-05 15:32:28
(RHSA-2024:1719) Moderate: rear security update
2024-04-09 14:08:16
mageia
mageia
Updated rear packages fix security vulnerability
2024-04-13 19:56:38
fedora
fedora
[SECURITY] Fedora 39 Update: rear-2.7-8.fc39
2024-02-21 01:33:27
[SECURITY] Fedora 38 Update: rear-2.7-8.fc38
2024-02-21 01:39:46
debian
debian
[SECURITY] [DLA 3733-1] rear security update
2024-02-03 18:01:35
debiancve
debiancve
CVE-2024-23301
2024-01-12 23:15:10
amazon
amazon
Medium: rear
2024-02-15 03:52:00
rocky
rocky
rear security update
2024-05-06 13:04:21
prion
prion
Code injection
2024-01-12 23:15:00
ubuntucve
ubuntucve
CVE-2024-23301
2024-01-12 00:00:00