RedHatRHSA-2024:3669(RHSA-2024:3669) Important: less security update
8.6 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
7.8 High
AI Score
Confidence
Low
The “less” utility is a text file browser that resembles “more”, but allows
users to move backwards in the file as well as forwards. Since “less” does not
read the entire input file at startup, it also starts more quickly than ordinary
text editors.
Security Fix(es):
- less: OS command injection (CVE-2024-32487)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | x86_64 | less | < 458-10.el7_9 | less-458-10.el7_9.x86_64.rpm |
| RedHat | 7 | ppc64 | less | < 458-10.el7_9 | less-458-10.el7_9.ppc64.rpm |
| RedHat | 7 | s390x | less-debuginfo | < 458-10.el7_9 | less-debuginfo-458-10.el7_9.s390x.rpm |
| RedHat | 7 | ppc64le | less-debuginfo | < 458-10.el7_9 | less-debuginfo-458-10.el7_9.ppc64le.rpm |
| RedHat | 7 | ppc64 | less-debuginfo | < 458-10.el7_9 | less-debuginfo-458-10.el7_9.ppc64.rpm |
| RedHat | 7 | x86_64 | less-debuginfo | < 458-10.el7_9 | less-debuginfo-458-10.el7_9.x86_64.rpm |
| RedHat | 7 | s390x | less | < 458-10.el7_9 | less-458-10.el7_9.s390x.rpm |
| RedHat | 7 | ppc64le | less | < 458-10.el7_9 | less-458-10.el7_9.ppc64le.rpm |
Related
8.6 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
7.8 High
AI Score
Confidence
Low