Lucene search
UbuntuUSN-6912-1HistoryJul 24, 2024 - 12:00 a.m.
provd vulnerability
2024-07-2400:00:00
ubuntu.com
4
ubuntu 24.04 lts
provd package
environment variables
privilege escalation
unix
CVSS3
8.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
7.2
Confidence
Low
Releases
- Ubuntu 24.04 LTS
Packages
- provd - Ubuntu Desktop Provision init backend
Details
James Henstridge discovered that provd incorrectly handled environment
variables. A local attacker could possibly use this issue to run arbitrary
programs and escalate privileges.
Related
vulnrichment
vulnrichment
CVE-2024-6714
2024-07-23 15:46:58
openvas
openvas
Ubuntu: Security Advisory (USN-6912-1)
2024-07-25 00:00:00
cve
cve
CVE-2024-6714
2024-07-23 16:15:06
cvelist
cvelist
CVE-2024-6714
2024-07-23 15:46:58
osv
osv
CVE-2024-6714
2024-07-23 16:15:06
provd vulnerability
2024-07-24 08:18:12
nessus
nessus
Ubuntu 24.04 LTS : provd vulnerability (USN-6912-1)
2024-07-24 00:00:00
nvd
nvd
CVE-2024-6714
2024-07-23 16:15:06
ubuntucve
ubuntucve
CVE-2024-6714
2024-07-22 00:00:00
CVSS3
8.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
7.2
Confidence
Low
Related for USN-6912-1