43 matches found
MiracleLinux 9 : rear-2.6-21.el9_3.ML.1 (AXSA:2024-7585:02)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7585:02 advisory. rear: creates a world-readable initrd CVE-2024-23301 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...
Debian: Security Advisory (DLA-4400-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-4400 : rear - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4400 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4400-1 [email protected] https://www.debian.org/lts/security/...
Linux Distros Unpatched Vulnerability : CVE-2024-23301
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets...
Alibaba Cloud Linux 3 : 0219: rear (ALINUX3-SA-2024:0219)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0219 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-23301: Relax-and-Recover aka ReaR through...
openSUSE Security Advisory (SUSE-SU-2024:0657-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Rocky Linux 8 : rear (RLSA-2024:1719)
The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:1719 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets...
Mageia: Security Advisory (MGASA-2024-0131)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated rear packages fix security vulnerability
Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. CVE-2024-23301...
Moderate: Red Hat Security Advisory: rear security update
An update for rear is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
RHEL 8 : rear (RHSA-2024:1719)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1719 advisory. Relax-and-Recover is a recovery and system migration utility. The utility produces a bootable image and restores from backup using this image. It...
Moderate: rear security update
Relax-and-Recover is a recovery and system migration utility. The utility produces a bootable image and restores from backup using this image. It allows to restore to different hardware and can therefore be also used as a migration utility. Security Fixes: rear: creates a world-readable initrd...
rear security update
2.6-11.0.1 - Change OSVENDOR to OracleServer 2.6-11 - make initrd accessible only by root CVE-2024-23301, PR 3123...
AlmaLinux 9 : rear (ALSA-2024:1147)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:1147 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets...
Moderate: Red Hat Security Advisory: rear security update
An update for rear is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Moderate: rear security update
Relax-and-Recover is a recovery and system migration utility. The utility produces a bootable image and restores from backup using this image. It allows to restore to different hardware and can therefore be also used as a migration utility. Security Fixes: rear: creates a world-readable initrd...
RHEL 9 : rear (RHSA-2024:1147)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1147 advisory. Relax-and-Recover is a recovery and system migration utility. The utility produces a bootable image and restores from backup using this image. It...
openSUSE Security Advisory (SUSE-SU-2024:0247-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 / openSUSE 15 Security Update : rear27a (SUSE-SU-2024:0657-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0657-1 advisory. - CVE-2024-23301: Fixed world-readable initrd with GRUBRESCUE=Y bsc1218728. Bug fixes: - Fix mkinitrd dependency issue by installing...
SUSE-SU-2024:0657-1 Security update for rear27a
This update for rear27a fixes the following issues: - CVE-2024-23301: Fixed world-readable initrd with GRUBRESCUE=Y bsc1218728. Bug fixes: - Fix mkinitrd dependency issue by installing dracut-mkinitrd-deprecated see bsc1202352...