10 matches found
[SECURITY] [DLA 4400-1] rear security update
Debian LTS Advisory DLA-4400-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert December 10, 2025 https://wiki.debian.org/LTS Package : rear Version : 2.6+dfsg-1+deb11u1 CVE ID : CVE-2024-23301 Debian Bug : 1060747 It has been discovered that Relax-and-Recover aka...
Debian dla-4400 : rear - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4400 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4400-1 [email protected] https://www.debian.org/lts/security/...
Linux Distros Unpatched Vulnerability : CVE-2024-23301
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets...
rear: creates a world-readable initrd
A vulnerability has been identified in Relax-and-Recover ReaR, where the use of GRUBRESCUE=y results in the creation of an initrd that is readable by anyone. This flaw could potentially enable local attackers to obtain access to system secrets that are typically restricted to root privileges...
Medium: rear
Issue Overview: Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. CVE-2024-23301 Affected Packages: rear Note: This advisory is applicable to Amazon Linux 2...
OESA-2024-1077 rear security update
Relax-and-Recover is a setup-and-forget Linux bare metal disaster recovery solution. It is easy to set up and requires no maintenance so there is no excuse for not using it. Security Fixes: Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows...
SUSE-SU-2024:0135-1 Security update for rear27a
This update for rear27a fixes the following issues: - CVE-2024-23301: Fixed ReaR creates world-readable initrd with GRUBRESCUE=Y. bsc1218728...
AZL-44403 CVE-2024-23301 affecting package rear 2.4-7
Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...
UBUNTU-CVE-2024-23301
Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...
PT-2024-1137
Name of the Vulnerable Software and Affected Versions Relax-and-Recover aka ReaR versions 2.7 and earlier Description The issue is related to information disclosure. It allows local attackers to gain access to system secrets that are otherwise only readable by root. This occurs when using GRUB...