CBL Mariner 2.0 Security Update: tuned (CVE-2024-52336)

The version of tuned installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-52336 advisory. - A script injection vulnerability was identified in the Tuned package. The instancecreate D-Bus function can b...

OESA-2024-2530 tuned security update

Tuned is a daemon that uses udev to monitor connected devices and statically and dynamically tunes system settings according to a selected profile. It is distributed with a number of predefined profiles for common use cases like high throughput, low latency, or powersave, and allows you to furthe...

UBUNTU-CVE-2024-52336

A script injection vulnerability was identified in the Tuned package. The instancecreate D-Bus function can be called by locally logged-in users without authentication. This flaw allows a local non-privileged user to execute a D-Bus call with scriptpre or scriptpost options that permit arbitrary...

tuned: `script_pre` and `script_post` options allow to pass arbitrary scripts executed by root

A script injection vulnerability was identified in the Tuned package. The instancecreate D-Bus function can be called by locally logged-in users without authentication. This flaw allows a local non-privileged user to execute a D-Bus call with scriptpre or scriptpost options that permit arbitrary...

tuned 安全漏洞

tuned is tuned open source server-side program for a dynamic system tuning tool. The program is mainly used to monitor and collect data from various system components, and dynamically adjust system settings based on the information provided by the data. A security vulnerability exists in tuned,...

Code injection

tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service...