4 matches found
RHEL 8 : packagekit (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - PackageKit: Information Disclosure in Transaction Interface via timing CVE-2022-0987 - PackageKit provide...
RHEL 6 : packagekit (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - PackageKit: Information Disclosure in Transaction Interface via timing CVE-2022-0987 - PackageKit provide...
CVE-2022-0987
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists...
CVE-2022-0987
CVE-2022-0987 concerns a timing side-channel in PackageKit’s Transaction interface. Some methods expose timing information, allowing a local user to infer the existence of files owned by root or other users. Impact is information disclosure with local access; CVSS values in the records show LOW s...