9 matches found
MiracleLinux 9 : rpm-ostree-2024.3-3.el9_4 (AXSA:2024-8423:04)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8423:04 advisory. rpm-ostree: world-readable /etc/shadow file 9.4.z JIRA:RHEL-31852 CVE-2024-2905 A security vulnerability has been discovered within rpm-ostree, pertaining to...
CVE-2024-2905 affecting package rpm-ostree for versions less than 2024.4-3
CVE-2024-2905 affecting package rpm-ostree for versions less than 2024.4-3. A patched version of the package is available...
Fedora: Security Advisory (FEDORA-2024-589189d414)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: rpm-ostree security update
An update for rpm-ostree is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
RHEL 9 : rpm-ostree (RHSA-2024:3401)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3401 advisory. The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be used...
CVE-2024-2905
A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication da...
CVE-2024-2905 Rpm-ostree: world-readable /etc/shadow file
A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication da...
CVE-2024-2905
CVE-2024-2905 affects rpm-ostree where default builds expose a world-readable /etc/shadow. Multiple Nessus advisories (RHEL 9, AlmaLinux 9, Oracle Linux 9, MiracleLinux, Fedora) reference the issue and indicate patches/backports to a fixed rpm-ostree release (e.g., versions >= 2024.4-3 or rela...
Fedora 39 : rpm-ostree (2024-4afd3d38ae)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-4afd3d38ae advisory. Backport fix for /etc/gshadow permissions Tenable has extracted the preceding description block directly from the Fedora security advisory. Note tha...