Lucene search

K

GoogleOSV:RLSA-2024:3211

HistoryJun 14, 2024 - 1:59 p.m.

Moderate: traceroute security update

2024-06-1413:59:16

Google

osv.dev

traceroute

security update

improper command line parsing

cve-2023-46316

rocky linux 8.10

release notes

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

The traceroute utility displays the route used by IP packets on their way to a specified network (or Internet) host.

Security Fix(es):

traceroute: improper command line parsing (CVE-2023-46316)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.10 Release Notes linked from the References section.

References

bugzilla.redhat.com/show_bug.cgi?id=2246303

errata.rockylinux.org/RLSA-2024:3211

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

Related for OSV:RLSA-2024:3211

packetstorm1 openvas7 oraclelinux2 osv3 nessus17 cbl_mariner1 rocky1 prion1 ubuntu1 amazon1 debiancve1 ubuntucve1 redhatcve1 redos1 zdt1 redhat2 cve1 alpinelinux1 veracode1 mageia1 almalinux2 cvelist1 nvd1 photon3 hp2